VideoLAN VLC Multiple Remote Code Execution Vulnerabilities

info
discussion
exploit
solution
references

VideoLAN VLC Multiple Remote Code Execution Vulnerabilities

Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.

The following proof-of-concept code and exploit are available:

/data/vulnerabilities/exploits/vlcboffs.zip
/data/vulnerabilities/exploits/27015.c
/data/vulnerabilities/exploits/27015.py