Multiple format string vulnerabilities in plugins in VideoLAN VLC Media Player prior to 0.8.6c allow remote malicious users to cause a denial of service (crash) or execute arbitrary code via format string specifiers in (1) an Ogg/Vorbis file, (2) an Ogg/Theora file, (3) a CDDB entry for a CD Digital Audio (CDDA) file, or (4) Service Announce Protocol (SAP) multicast packets.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
videolan vlc media player 0.8.6a |
||
videolan vlc media player 0.8.6b |