Intrusion Prevention

RealText.File.Parameter.Buffer.Overflow

Description

This indicates an attack attempt against a buffer-overflow vulnerability in VideoLAN VLC Media Player.
The vulnerability is caused by an error when the vulnerable software playing a specially crafted RealText (.rt) subtitle file. It allows a remote attacker to execute arbitrary code.

Affected Products

VideoLAN VLC media player 0.9.5
VideoLAN VLC media player 0.9.4
VideoLAN VLC media player 0.9.3
VideoLAN VLC media player 0.9.2
VideoLAN VLC media player 0.9.1
VideoLAN VLC media player 0.9

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Update to version 0.9.6:
http://www.videolan.org/.

CVE References

CVE-2008-5036