Summary : Buffer overflow in ancient VLC media player Date : March 2010 Affected versions : VLC media player 0.8.6 to 0.8.6d ID : VideoLAN-SA-1002 CVE reference : CVE-2010-0364
fl0 fl0w claims to have found a buffer overflow in SSA subtitles parsing in VLC media player 0.8.6 to 0.8.6d. This is actually a subset of a collections of buffer overflows discovered and fixed in late 2007 - early 2008.
See our advisory VideoLAN-SA-0801 for more informations.
This issue only affects users of very old VLC versions.
Update to the latest VLC media player (1.0.5 at the time of writing).