CVE-2013-1868

Name of the Vulnerable Software and Affected Versions VideoLAN VLC media player versions 2.0.4 and earlier

Description The issue is related to multiple buffer overflows in the VideoLAN VLC media player, which can be exploited by remote attackers to cause a denial of service (crash) and potentially execute arbitrary code. The buffer overflows are related to the freetype renderer and the HTML subtitle parser.

Recommendations For versions 2.0.4 and earlier, update to a version later than 2.0.4 to resolve the issue. As a temporary workaround, consider disabling the freetype renderer and HTML subtitle parser until a patch is available. Restrict access to these components to minimize the risk of exploitation.