VLC.MediaPlayer.Format.String
Description
This indicates an attempt to exploit a format string vulnerability in VideoLAN VLC Media Player.
Format string vulnerabilities have been identified in VideoLAN VLC Media Player before 0.8.6c. They can be exploited by an attacker to compromise a victim's system via format string specifiers in:
(1) an Ogg/Vorbis file,
(2) an Ogg/Theora file,
(3) a CDDB entry for a CD Digital Audio file,
(4) Service Announce Protocol multicast packets.
Affected Products
VideoLAN VLC Media Player 0.8.6
VideoLAN VLC Media Player 0.8.6b
VideoLAN VLC Media Player 0.8.6a
Impact
System compromise.
Recommended Actions
Upgrade to the latest version, available from the Web site.
http://www.videolan.org/vlc/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |