VLC Media Player 0.9.6 - Forum - Community

Vulnerability Information

Vulnerability Scanning

Community

Blog

Corporate Information

Home > Community > Forum > Show thread > VLC Media Player 0.9.6

Forum

All Threads

Create New Thread

About

Forum Thread: VLC Media Player 0.9.6

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Problems and Questions Regarding 3rd Party Programs

Relating to this vendor:

And, this specific program:
VLC media player 0.x

Z4ppy	VLC Media Player 0.9.6
	by Z4ppy on 7th Dec, 2008 16:43, last edited on 7th Dec, 2008 16:44
Posts: 6 User Since: 30th Nov, 2008 Secunia System Score: N/A Location: CH	Until yesterday, VLC Media Player 0.9.6 has been detected as insecure, caused by this vulnerability: http://secunia.com/advisories/32942/ This bug hasn't been fixed until now (only in 0.9.8a, but this version isn't available for Windows atm), but PSI detects it as secure. Why? Z4ppy PS: Sorry for my English, I'm German ;) I hope you understand what I tried to explain...
	Reply Quote

BigDave_39	RE: VLC Media Player 0.9.6
	by BigDave_39 on 7th Dec, 2008 20:14, last edited on 7th Dec, 2008 20:14
Posts: 175 User Since: 26th Nov, 2008 Secunia System Score: N/A Location: Washington, DC, US	on 7th Dec, 2008 16:43, Z4ppy wrote: Until yesterday, VLC Media Player 0.9.6 has been detected as insecure, caused by this vulnerability: http://secunia.com/advisories/32942/ This bug hasn't been fixed until now (only in 0.9.8a, but this version isn't available for Windows atm), but PSI detects it as secure. Why? I think you answered your own question. The psi will only notify you if there are security patches available. Since there's no patch from the vendor - then there is no patch the psi can refer you to. See also this thread: http://secunia.com/community/forum/thread/show/725... on 7th Dec, 2008 16:43, Z4ppy wrote: PS: Sorry for my English, I'm German ;) I hope you understand what I tried to explain... Your English is pretty good, so no problems there m8 ;-) -- Big Dave
	Reply Quote

Z4ppy2	RE: VLC Media Player 0.9.6
	by Z4ppy2 on 7th Dec, 2008 22:13
Posts: 2 User Since: 7th Dec, 2008 Secunia System Score: N/A Location: N/A	on 7th Dec, 2008 20:14, BigDave_39 wrote: I think you answered your own question. The psi will only notify you if there are security patches available. Since there's no patch from the vendor - then there is no patch the psi can refer you to. See also this thread: http://secunia.com/community/forum/thread/show/725... Your English is pretty good, so no problems there m8 ;-) I thought, PSI lists all programs, that have vulnerabilities atm, as insecure and those, who are patched, as secure. So if a patch is available, it's listed as secure? That won't be logical... It's still insecure until applying the patch... The thread didn't help me very much... Thanks :) Z4ppy
	Reply Quote

Timothy.Berry	RE: VLC Media Player 0.9.6
	by Timothy.Berry on 8th Dec, 2008 11:41
Posts: 1 User Since: 24th Oct, 2008 Secunia System Score: N/A Location: N/A	on 7th Dec, 2008 22:13, Z4ppy2 wrote: I thought, PSI lists all programs, that have vulnerabilities atm, as insecure and those, who are patched, as secure. So if a patch is available, it's listed as secure? That won't be logical... It's still insecure until applying the patch... The thread didn't help me very much... Thanks :) Z4ppy Can someone from Secunia confirm that whether there is a patch or not, if there is a known vulnerability, then PSI lists it as such?
	Reply Quote

CourageDK	RE: VLC Media Player 0.9.6
	by CourageDK on 9th Dec, 2008 23:32, last edited on 9th Dec, 2008 23:32
Posts: 23 User Since: 9th Dec, 2008 Secunia System Score: N/A Location: DK	I have discovered problems with VLC too. Im not sure if it the same problem i repeat. But my PSI says VLC is unsecure, and when i click on the "make secure"-button, it downloads stuff, uninstall VLC and install a new one. no difference at all, i have tried that twice now... no difference... is VLC unsecure or is it a bug? (Sorry for my bad English ^^ I'm Danish)
	Reply Quote

duallydave	RE: VLC Media Player 0.9.6
	by duallydave on 10th Dec, 2008 01:02
Posts: 2 User Since: 10th Dec, 2008 Secunia System Score: N/A Location: Seattle, US	I had the same experience, I put it in an ignore rule. Hopefully I remember to revisit this later and get it resolved. I don't use VLC much though. If I had a cablecard for my HTPC I would use VLC more, but most of the good channels are encrypted.
	Reply Quote

Z4ppy	RE: VLC Media Player 0.9.6
	by Z4ppy on 11th Dec, 2008 17:31, last edited on 11th Dec, 2008 17:31
Posts: 6 User Since: 30th Nov, 2008 Secunia System Score: N/A Location: CH	on 9th Dec, 2008 23:32, CourageDK wrote: I have discovered problems with VLC too. Im not sure if it the same problem i repeat. But my PSI says VLC is unsecure, and when i click on the "make secure"-button, it downloads stuff, uninstall VLC and install a new one. no difference at all, i have tried that twice now... no difference... is VLC unsecure or is it a bug? (Sorry for my bad English ^^ I'm Danish) VLC is insecure! Have a look at the link in the first post ;) PSI downloads the newest version, that is 0.9.6, but if you already installed 0.9.6, PSI still wants to download and reinstall it :D So PSI detects a newer version that is the one that is installed... Another bug with VLC :D The bug I reported is fixed... VLC is detected as insecure again ;) But the 0.9.8a for Windows has been released, so in a few moments, it's not insecure anymore :) Z4ppy
	Reply Quote

CourageDK	RE: VLC Media Player 0.9.6
	by CourageDK on 11th Dec, 2008 19:25
Posts: 23 User Since: 9th Dec, 2008 Secunia System Score: N/A Location: DK	Fine, Thx ;D
	Reply Quote

mrbellek	RE: VLC Media Player 0.9.6
	by mrbellek on 15th Dec, 2008 10:33
Posts: 4 User Since: 15th Dec, 2008 Secunia System Score: N/A Location: N/A	I just installed VLC 0.9.8a (file version info 0.9.8.1) on Windows XP SP2 here, and it is still detected by the PSI as 0.9.6, and as insecure. Can you please fix this?
	Reply Quote

Z4ppy	RE: VLC Media Player 0.9.6
	by Z4ppy on 15th Dec, 2008 17:15
Posts: 6 User Since: 30th Nov, 2008 Secunia System Score: N/A Location: CH	I installed 0.9.8a and it's detected as 0.9.8a... So the problem must be your computer (or you :P) Scan the file again or try to deinstall the installed version and reinstall 0.9.8a... Should work ;) Z4ppy
	Reply Quote

BigDave_39	RE: VLC Media Player 0.9.6
	by BigDave_39 on 15th Dec, 2008 21:01
Posts: 175 User Since: 26th Nov, 2008 Secunia System Score: N/A Location: Washington, DC, US	on 15th Dec, 2008 10:33, mrbellek wrote: I just installed VLC 0.9.8a (file version info 0.9.8.1) on Windows XP SP2 here, and it is still detected by the PSI as 0.9.6, and as insecure. Can you please fix this? Try checking the path to where the psi detected this insecure item, the psi is so thorough that it picks up all copies on your harddrive :-) -- Big Dave
	Reply Quote

mrbellek	RE: VLC Media Player 0.9.6
	by mrbellek on 15th Dec, 2008 23:59
Posts: 4 User Since: 15th Dec, 2008 Secunia System Score: N/A Location: N/A	There is only one copy of vlc.exe on my HD and it's detected wrong. Nevermind, I'll just add an ignore rule.
	Reply Quote