VLC.Media.Player.SMB.Win32AddConnection.Buffer.Overflow
Description
This indicates an attempt to exploit a stack-based buffer overflow vulnerability in VLC media player.
This issue is caused by an error when the vulnerable software is handling overlong "smb://" uri in the xspf (XML Shareable Playlist Format ) file. It allows a remote attacker to execute arbitrary code via sending a crafted xspf file.
Affected Products
VLC Media Player version 0.9.9 and prior (Windows)
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply patch,available from the web site.
http://git.videolan.org/?p=vlc.git;a=commit;h=e60a9038b13b5eb805a76755efc5c6d5e080180f
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |