Summary           : DLL preloading vulnerability
Date              : August 2010
Affected versions : All VLC media player versions up to 1.1.3
ID                : VideoLAN-SA-1005
CVE reference     : CVE-2010-3124
Due to the DLL loading design on Windows, VLC automatically loads a DLL from the current directory if it does not find it in VLC's application directory or in the system directories. A few modules of VLC are affected (only Qt4 and DMO are known at the moment).
If successful, the exploit can execute arbitrary code within the context of VLC media player.
Microsoft has published workarounds (https://www.microsoft.com/technet/security/advisory/2269637.mspx) and a tool (http://support.microsoft.com/kb/2264107) that fixes the vulnerability for all affected software on the computer.
The user should refrain from opening files from untrusted third parties or accessing untrusted remote sites (network shares, USB keys), until the patch is applied.
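The lookup order described in this advisory can be modelled to audit a directory of media files before anything in it is opened. This is an added example, not VideoLAN's patch or code: the function names, directory layout and file names are constructed, and the model covers only the three locations the advisory names (application directory, system directories, current directory).

```python
import os
import tempfile

MEDIA_EXT = {".avi", ".mkv", ".mp3", ".mp4"}  # constructed sample list

def resolve_dll(name, app_dir, system_dirs, cwd, allow_cwd=True):
    """Return the location class ("app", "system", "cwd") that would supply
    `name`, or None. Simplified model: only the three locations the advisory
    names, searched in that order."""
    for source, directory in [("app", app_dir)] + [("system", d) for d in system_dirs]:
        if os.path.isfile(os.path.join(directory, name)):
            return source
    if allow_cwd and os.path.isfile(os.path.join(cwd, name)):
        return "cwd"
    return None

def audit_media_dir(media_dir, app_dir, system_dirs):
    """Return DLLs lying next to media files that only the current-directory
    fallback would resolve, i.e. files worth investigating before opening
    anything from this directory."""
    names = sorted(os.listdir(media_dir))
    if not any(os.path.splitext(n)[1].lower() in MEDIA_EXT for n in names):
        return []
    return [n for n in names
            if n.lower().endswith(".dll")
            and resolve_dll(n, app_dir, system_dirs, media_dir) == "cwd"]

def demo():
    """Build a constructed directory layout and run the audit on it."""
    with tempfile.TemporaryDirectory() as root:
        app, system, share = (os.path.join(root, d) for d in ("app", "system", "share"))
        for d in (app, system, share):
            os.mkdir(d)
        # Constructed file names, not the DLLs VLC actually loads.
        for d, f in [(app, "present.dll"), (share, "present.dll"),
                     (share, "absent.dll"), (share, "clip.avi")]:
            open(os.path.join(d, f), "wb").close()
        return {
            "findings": audit_media_dir(share, app, [system]),
            "default": resolve_dll("absent.dll", app, [system], share),
            "cwd_removed": resolve_dll("absent.dll", app, [system], share, allow_cwd=False),
        }

if __name__ == "__main__":
    print(demo())
```

The `allow_cwd=False` case models the effect of removing the current directory from the search, which is what the Microsoft workaround aims at; the comparison here is case-sensitive on case-sensitive file systems, unlike Windows.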
VLC media player 1.1.4 addresses this issue. The patch for VLC media player 1.1.x is available from the corresponding official VLC source code repositories.
This vulnerability was reported by Georgi Guninski, Taeho Kwon, ACROS Security and H.D. Moore.
An exploit was posted on exploit-db by Vinay Katoch.