VideoLan VLC Media Player Remote Format String Vulnerability

VLC media player is prone to a remote format-string vulnerability because the application fails to properly sanitize user-supplied input before including it in the format-specifier argument of a formatted-printing function.

Successfully exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the application and to compromise affected computers.

VLC media player version 0.8.6 is vulnerable; other versions may also be affected.


Privacy Statement
Copyright 2010, SecurityFocus