Intrusion Prevention

VideoLan.VLC.Subtitle.Remote.Code.Execution

Description

This indicates an attempt to exploit one of multiple buffer overflow vulnerabilities in VLC Media Player.
The vulnerabilities are caused by a buffer overflow that occurs when handling subtitles and by a format string error in the tiny web interface. These vulnerabilities can be exploited by attackers to crash the application or execute arbitrary code.

Affected Products

VLC versions 0.8.6d and 0.8.6b
Other versions may also be affected.

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Update to the latest version, available from the website:
http://www.videolan.org/vlc/

CVE References

CVE-2007-6681