PT-2014-2076 · Videolan · Vlc Media Player

Alex Legler · Published 2014-12-26 · Updated 2014-12-29 · CVE-2010-1444

CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: VideoLAN VLC media player versions prior to 1.0.6

Description: The ZIP archive decompressor in the VideoLAN VLC media player allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly execute arbitrary code via a crafted archive.

Recommendations: For versions prior to 1.0.6, update to version 1.0.6 or later to resolve the issue. As a temporary workaround, consider avoiding the use of the ZIP archive decompressor until a patch is available. Restrict access to potentially malicious ZIP archives to minimize the risk of exploitation.

Fix

DoS

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2010-1444

Affected Products

Vlc Media Player