VideoLAN VLC Media Player MKV Demuxer Code Execution

2011-06-27T00:00:00
ID SAINT:247793ED4A5F81141085F5CFD69DF3F9
Type saint
Reporter SAINT Corporation
Modified 2011-06-27T00:00:00

Description

Added: 06/27/2011
CVE: CVE-2011-0531
BID: 46060
OSVDB: 70698

Background

VLC media player is a media player supporting various audio and video formats for multiple platforms.

Problem

VideoLan VLC 1.1.6.1 and earlier are vulnerable to a remote code execution vulnerability as a result of insufficient input validation. A remote attacker can exploit this vulnerability by enticing a user to open a specially crafted **MKV** (**Matroska** or **WebM**) file.

Resolution

Upgrade to VLC media player 1.1.7 or higher. Patches for some older versions are also available.

References

<http://www.videolan.org/security/sa1102.html>

Limitations

Exploit works on VideoLAN VLC 1.1.0.

The user must open the exploit file on the target with a vulnerable version of VLC.

Platforms

Windows