|
|
Subscribe / Log in / New account

Check Point: Hacked in Translation

[Posted May 24, 2017 by corbet]

Check Point has issued an advisory that a number of video-player applications can be compromised via specially crafted subtitles. "By crafting malicious subtitle files, which are then downloaded by a victim’s media player, attackers can take complete control over any type of device via vulnerabilities found in many popular streaming platforms, including VLC, Kodi (XBMC), Popcorn-Time and strem.io. We estimate there are approximately 200 million video players and streamers that currently run the vulnerable software, making this one of the most widespread, easily accessed and zero-resistance vulnerability reported in recent years."
to post comments

Check Point: Hacked in Translation

Posted May 24, 2017 20:41 UTC (Wed) by stqn (guest, #103999) [Link]

Don’t bother reading the checkpoint blog as there is zero information on it.
Someone found what it’s all about apparently: https://news.ycombinator.com/item?id=14409236
Different issues in different players.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds