Summary : Integer overflow in XSPF playlist parser Date : 07 June 2011 Affected versions : VLC media player 1.1.9 down to 0.8.5 ID : VideoLAN-SA-1104 CVE references : CVE-2011-2194
VLC media player suffers from an integer overflow vulnerability in the XSPF playlist file parser.
If successful, a malicious third party could crash the player instance. Arbitrary code execution within the context of VLC media player might be possible, though it seems impractical.
Exploitation of those bugs requires the user to explicitly open specifically crafted malicious files.
The user may refrain from opening files from untrusted sources.
Alternatively, the playlist plugin (demux/libplaylist_plugin.*) can be removed. This will however prevent use of any of all supported playlist file formats.
VLC media player 1.1.10 addresses this issue and introduces further stability fixes.
This vulnerability was reported by Rocco Calvi from stratsec on the VLC bug tracker.