CVE-2011-1087

Name of the Vulnerable Software and Affected Versions VideoLAN VLC media player version 1.0.5

Description The issue allows user-assisted remote attackers to cause a denial of service, resulting in memory corruption and application crash, or possibly execute arbitrary code. This can be achieved via a crafted .mp3 file that is played during bookmark creation. The exploitation requires active actions from the user side.

Recommendations For version 1.0.5, consider avoiding the use of bookmark creation with .mp3 files until a patch is available. As a temporary workaround, restrict the playback of .mp3 files to minimize the risk of exploitation.