Fortinet Discovers VideoLAN VLC ID3v2 Flags Denial Of Service Vulnerability
Fortinet's FortiGuard Labs has discovered a vulnerability in VideoLAN VLC, which allows a remote attacker to cause a denial of service through a malformed media file.
SolutionsFortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:
Released Aug 19, 2010
Users should apply the solution provided by VideoLAN.
Additional InformationThe VLC player crashes upon loading a media file containing specifically crafted ID3v2 tags.
David Maciejak & Dehui Yin of Fortinet's FortiGuard Labs