Forum Thread: VLC is not insecure

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Open Discussions

This thread has been marked as locked.
ryan121 VLC is not insecure
Member 31st Mar, 2010 12:06
Ranking: 5
Posts: 4
User Since: 27th May, 2008
System Score: N/A
Location: N/A
I've noticed for the past few weeks my browsers have been marked as unsafe because VLC media player is apparently insecure with no solution but this is incorrect and needs updated.

The Videolan site has wrote in it's blog about this:

"Outdated security issue

2010-03-22

So-called "Security" teams are spreading wrong information about an "unpatched" security issue in VLC.
ISS and SecurityFocus are presenting a security issue in versions of VLC, that are, in fact, more than 2 years old. This issue has been fixed since a long time and since 20 versions of VLC.

Of course, the latest version of VLC isn't affected."


I was just hoping this would be updated soon, thanks.

This user no longer exists RE: VLC is not insecure
Secunia Official 31st Mar, 2010 13:04
Last edited on 31st Mar, 2010 13:24 Hi

The PSI will show VLC as "Insecure, no solution" in the "Secure Browsing" tab.

Please note that the vulnerability mentioned in the VLC blog is different from the one described in our Advisory:
http://secunia.com/advisories/38853/

This is the only unpatched vulnerability in VLC according to Secunia Advisories

It looks like this advisory addresses the same CVE report as the one mentioned in the VLC blog.
http://secunia.com/advisories/28233/

As you can see, Secunia has marked this vulnerability as "Patched", so the problem addressed in the VLC blog doesn't affect your scan results.

This thread has been marked as locked.