Florent Hochwelker

**Name of the Vulnerable Software and Affected Versions** VideoLAN VLC media player versions prior to 2.0.1 **Description** The issue is related to a stack-based buffer overflow that can be triggered by a crafted MMS:// stream, potentially allowing remote attackers to execute arbitrary code. **Recommendations** For versions prior to 2.0.1, update to version 2.0.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** VLC media player versions prior to 2.0.1 **Description** The issue is related to multiple heap-based buffer overflows in the handling of crafted Real RTSP streams. This can lead to a denial of service, causing the application to crash, or potentially allow the execution of arbitrary code. **Recommendations** For versions prior to 2.0.1, update to version 2.0.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** PHP versions 5.4.0beta2 **Description** The issue is related to an integer overflow in the exif process IFD TAG function in the exif extension. This allows remote attackers to read the contents of arbitrary memory locations or cause a denial of service via a crafted offset val value in an EXIF header in a JPEG file. **Recommendations** For PHP version 5.4.0beta2, consider disabling the exif extension until a patch is available to prevent potential exploitation.