Intrusion Prevention



This indicates an attempt to exploit a stack-based buffer overflow vulnerability in VLC media player.
This issue is caused by an error when the vulnerable software is handling overlong "smb://" uri in the xspf (XML Shareable Playlist Format ) file. It allows a remote attacker to execute arbitrary code via sending a crafted xspf file.

Affected Products

VLC Media Player version 0.9.9 and prior (Windows)


System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply patch,available from the web site.;a=commit;h=e60a9038b13b5eb805a76755efc5c6d5e080180f

CVE References