VLC.Media.Player.SMB.Win32AddConnection.Buffer.Overflow

description-logoDescription

This indicates an attempt to exploit a stack-based buffer overflow vulnerability in VLC media player.
This issue is caused by an error when the vulnerable software is handling overlong "smb://" uri in the xspf (XML Shareable Playlist Format ) file. It allows a remote attacker to execute arbitrary code via sending a crafted xspf file.

affected-products-logoAffected Products

VLC Media Player version 0.9.9 and prior (Windows)

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply patch,available from the web site.
http://git.videolan.org/?p=vlc.git;a=commit;h=e60a9038b13b5eb805a76755efc5c6d5e080180f

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)