Release DateMar 11, 2010 |
Severityhigh |
ImpactSystem Compromise |
DescriptionThis indicates an attack attempt against a memory corruption vulnerability in VideoLAN VLC media player.The vulnerability is caused by an invalid free error when the vulnerable software handles a specially crafted SMB URI. It allows a remote attacker to execute arbitrary code. |
Affected ProductsVideoLAN VLC media player 1.0.1VideoLAN VLC media player 1.0 VideoLAN VLC media player 0.9.9 |
Recommended ActionsUpdate to the latest versions:http://www.videolan.org/ |
Coverage IPS
VCM |
Reference/shttp://www.securityfocus.com/bid/35500 (BugTraq) |
