Intrusion Prevention

WAV.File.Invalid.FMT.ChunkSize.Integer.Overflow

Description

This indicates an attack attempt against an integer-overflow vulnerability in VideoLAN VLC Media Player.
The vulnerability is caused by an integer-overflow error during the calculation of the size of a heap buffer. Remote attackers may exploit this to execute arbitrary code.

Affected Products

VideoLAN VLC media player 0.8.6 h

Impact

System Compromise

Recommended Actions

Update to "media-video/vlc-0.8.6i" or later:
http://www.videolan.org/.

CVE References

CVE-2008-2430