VLC Media Player ASS File Buffer Overflow Vulnerability

VLC media player is prone to a buffer-overflow vulnerability because the Aegisub Advanced SubStation ('.ass') file handler fails to perform adequate boundary checks on user-supplied input.

Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

VLC media player 0.6.8 is vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus