INTERACT FORUM

Please login or register.

Login with username, password and session length
Advanced search  
Pages: [1]   Go Down

Author Topic: Subtitle Vulnerability  (Read 2035 times)

wer

  • Citizen of the Universe
  • *****
  • Posts: 2640
Subtitle Vulnerability
« on: May 24, 2017, 08:06:19 pm »

Not sure where else to post this, so forgive if I have it in the wrong place.

Have any of the recent versions (21/22/23) of MC been tested to see if they suffer from the recently discovered subtitle vulnerability?

This is an extremely dangerous vulnerability that allows remote code execution and complete takeover of a PC immediately after loading a specially formed subtitle file (in SRT and other formats).  If you're not familiar, do a google search for "subtitle vulnerability".

VLC has already been patched.

MC may not be vulnerable, but should be tested and if it is this needs to be addressed asap.  Also, I would contend, in previous versions (even though I know JRiver doesn't like to develop for past versions) due to the seriousness of it.

Both the internal player and MadVR might possibly be vectors for this.

I hadn't see this mentioned here so I wanted to bring it to JRiver's attention.

Thanks!
Logged

ferday

  • MC Beta Team
  • Citizen of the Universe
  • *****
  • Posts: 1732
Re: Subtitle Vulnerability
« Reply #1 on: May 24, 2017, 08:54:28 pm »

Logged
Pages: [1]   Go Up