Summary : Arbitrary file overwrite and other abuses through M3U parser Date : November 2007 Affected versions : VLC media player 0.8.6c and earlier ID : VideoLAN-SA-0804 CVE reference : CVE-2007-6683
Using VLC media player's M3U Playlist Parser could lead to arbitrary file overwrite and other unwanted action within the security context of the user running VLC.
If successful, a malicious third party could misuse the Stream Output features of VLC media player's the M3U Playlist Parser to write arbitrary data to any accessible file system locations, send packets on the network, etc.
Exploitation of these design issues requires the user to open a specially crafted M3U playlist file.
The user should not use VLC media player's
setting, which enables parsing of exploitable playlist item options.
This option is only found in some 0.8.6 releases;
from VLC 0.9.0, unsafe playlist extensions are always ignored.
VLC media player 0.8.6d addresses these design issues and introduces further usability fixes.
These vulnerabilities were discovered internally by multiple members of the VideoLAN Team, notably Damien Fouilleul and Rémi Denis-Courmont.