VideoLAN.VLC.Media.Player.Format.String
Description
VLC media player has a format-string vulnerability. A remote attacker could execute arbitrary code on the system via an M3U file with a specially-crafted udp:// URL containing format string specifiers in the file.
Affected Products
VideoLAN VLC versions 0.7.0 through 0.8.6
Impact
System compromise.
Recommended Actions
Upgrade to the latest version, available from the Web site.
http://www.videolan.org/vlc/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2023-08-01 | 25.612 | Name:VideoLan. VLC. Media. Player. Format. String:VideoLAN. VLC. Media. Player. Format. String |
2020-12-11 | 16.978 |