VLC Media Player < 1.1.4 Path Subversion Arbitrary DLL Injection Code Execution
High Nessus Plugin ID 48906
The remote Windows host contains an application that allows arbitrary code execution.
The version of VLC media player installed on the remote host is earlier than 1.1.4. Such versions insecurely look in their current working directory when resolving DLL dependencies, such as for 'wintab32.dll'. If a malicious DLL with the same name as a required DLL is located in the application's current working directory, the malicious DLL will be loaded.
Upgrade to VLC Media Player version 1.1.4 or later.