Intrusion Prevention

VLC.Player.MP4.Demuxer.Buffer.Overflow

Description

This indicates an attack attempt against a buffer overflow vulnerability in VLC Media Player.
The vulnerability is caused by an error when the vulnerable software handles a malicious .mp4 file. It allows a remote attacker to execute arbitrary code via sending a crafted .mp4 file.

Affected Products

VLC Media Player version 1.0.1 and prior

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply patch, available from the web site.
http://git.videolan.org/?p=vlc.git;a=commit;h=c5b02d011b8c634d041167f4d2936b55eca4d18d