VLC Media Player XSPF Playlist Integer Overflow - Ver2 (CVE-2011-2194)

An integer overflow vulnerability has been reported in VideoLAN VLC Media Player. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVE-2011-2194

Integer overflow in the XSPF playlist parser in VideoLAN VLC media player 0.8.5 through 1.1.9 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unspecified vectors that trigger a heap-based buffer overflow...

CVE-2011-2194

CVE-2011-2194 describes a heap-based buffer overflow in VLC’s XSPF playlist parser that could allow a remote attacker to crash the player and potentially execute arbitrary code. Affected versions span VLC 0.8.5 through 1.1.9. Multiple open-source advisories corroborate the issue across platforms ...

[SECURITY] [DSA 2257-1] vlc security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2257-1 [email protected] http://www.debian.org/security/ Nico Golde June 10, 2011 http://www.debian.org/security/faq - -------------------------------------------------------------------------...