Summary : Recursive plugin release vulnerability in ActiveX plugin
Date : 30 November 2007
Affected versions : VLC media player 0.8.6 to 0.8.6c
ID : VideoLAN-SA-0703, CORE-2007-1004
CVE reference : CVE-2007-6262

VLC media player's ActiveX plugin is prone to a recursive plugin release vulnerability when used within specially crafted websites.
If successful, a malicious third party could use this vulnerability to overwrite memory zones and execute arbitrary code within the context of the VLC media player's ActiveX plugin (i.e. acquire local user privileges on the vulnerable system).
Exploitation of this bug requires the user to visit a maliciously crafted website using VLC media player's ActiveX plugin.
The user may use VLC media player's Mozilla plugin for Mozilla Firefox or Seamonkey, which are not affected by this issue and provide the same feature set.
Otherwise, websites from untrusted sources should not be opened.
VLC media player 0.8.6d addresses this issue and introduces further usability fixes.
Pre-compiled packages for MS Windows are available at the usual download locations.
This vulnerability was discovered by Ricardo Narvaja (Ricnar) from the Exploit Writers team of Core Security Technologies.