VLC Media Player is facing an issue of double-free vulnerability

A security researcher from Pen Test Partner, Symeon Paraschoudis discovered a security loophole in VLC media player that is a critical double-free vulnerability that organizes a platform for the hackers to perform arbitrary code execution on the preferred system. The arbitrary code execution is nothing but the capability of the hacker to work on the arbitrary code. Now arises the question of what is an arbitrary code? Arbitary code or command is the key through which the hacker performs illegal access on the desired system.

The double-free vulnerability is found to be a high severity bug with a CVSS c3 score of 9.8. The issue of double-free vulnerability was first tracked after the release of VLC 3.0.7. Through this technology, the hacker can also trigger a clash of VLC.

To avoid the hacking issues caused due to the double-free vulnerability in VLC the user should be conscious about accessing files from the untrusted files. The VLC media as it is a popular media player as it provides media streaming so the hackers are targeting on the VLC to extract the video information of the users. The hackers tempt the users to open a file and through the access of that particular file, the double-free vulnerability issue occurs.

To bring a solution to this problem VideoLan has introduced a security advisor and the people are advised to update the VideoLan version and also the administrators to monitor the issue compressed system. Zero-day was actively exploited by the hackers which are found in the firefox browser.