VLC Media Player 0.9.x < 0.9.8a RealMedia Processing Remote Integer Overflow
High Nessus Plugin ID 35068
SynopsisThe remote Windows host contains an application that is affected by an integer overflow vulnerability.
DescriptionThe version of VLC media player 0.9 installed on the remote host is earlier than 0.9.8a. Such versions contain a heap-based integer buffer overflow in the Real demuxer plugin (libreal_plugin.*'). If an attacker can trick a user into opening a specially crafted RealMedia (.rm) file, arbitrary code could be executed within the context of the affected application.
SolutionUpgrade to VLC Media Player version 0.9.8a or later.