CVE-2010-1442

Name of the Vulnerable Software and Affected Versions VideoLAN VLC versions prior to 1.0.6

Description The issue allows remote attackers to cause a denial of service, which includes invalid memory access and application crash, or possibly execute arbitrary code. This can be achieved through a crafted byte stream to the AVI, ASF, or Matroska (also known as MKV) demuxer.

Recommendations For versions prior to 1.0.6, update to version 1.0.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the demuxer functions for AVI, ASF, and Matroska files until the update is applied.