Release DateDec 29, 2009 |
Severitymedium |
ImpactSystem Compromise |
DescriptionThis indicates an attack attempt against a buffer-overflow vulnerability in VideoLAN VLC media player.The vulnerability is caused by an error when the vulnerable software handles a specially crafted ".mp4" file. It allows a remote attacker to execute arbitrary code. |
Affected ProductsVideoLAN VLC media player 1.0.1 and previous versions |
Recommended ActionsUpgrade to the latest versions:http://www.videolan.org/ |
Coverage IPS
VCM |
Reference/shttp://secunia.com/advisories/36762/http://www.vupen.com/english/advisories/2009/2691 http://xforce.iss.net/xforce/xfdb/53366 http://www.securityfocus.com/bid/36439 (BugTraq) |
