CVE-2010-3124

Name of the Vulnerable Software and Affected Versions VLC Media Player versions 1.1.3 and earlier

Description The issue allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks. This can be achieved via a Trojan horse wintab32.dll located in the same folder as a .mp3 file.

Recommendations For versions 1.1.3 and earlier, consider restricting access to untrusted files and folders to minimize the risk of exploitation. As a temporary workaround, avoid playing .mp3 files from untrusted sources until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.