Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

VLC Media Player < 0.9.8a RealMedia Processing Remote Integer Overflow (deprecated)

Medium

Synopsis

The remote Windows host contains an application that is affected by an integer overflow vulnerability.

Description

The version of VLC Media Player 0.9 installed on the remote host is earlier than 0.9.8a. Such versions contain a heap-based integer buffer overflow in the Real demuxer plugin (libreal_plugin.*'). If an attacker can trick a user into opening a specially crafted RealMedia (.rm) file, he may be able to execute arbitrary code within the context of the affected application.

Solution

Upgrade to version 0.9.8a or higher.