Gustavo-Grieco

**Name of the Vulnerable Software and Affected Versions** VideoLAN VLC media player versions prior to 2.2.0 **Description** The issue is related to a buffer overflow in the AStreamPeekStream function, which can be exploited by remote attackers to cause a denial of service (crash) via a crafted wav file. This is related to "seek across EOF." The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited. **Recommendations** For versions prior to 2.2.0, update to version 2.2.0 or later to resolve the issue. As a temporary workaround, consider avoiding the use of the AStreamPeekStream function until a patch is available. Restrict access to crafted wav files to minimize the risk of exploitation.