vlc -- stack overflow in MPA, AVI and ASF demuxer

2009-09-14T00:00:00
ID 3149AB1C-C8B9-11DE-B87B-0011098AD87F
Type freebsd
Reporter FreeBSD
Modified 2009-09-14T00:00:00

Description

VideoLAN reports:

When parsing a MP4, ASF or AVI file with an overly deep box structure, a stack overflow might occur. It would overwrite the return address and thus redirect the execution flow. If successful, a malicious third party could trigger execution of arbitrary code within the context of the VLC media player.