CVE-2010-1443

Name of the Vulnerable Software and Affected Versions VLC media player versions prior to 1.0.6

Description The issue allows remote attackers to cause a denial of service, resulting in a NULL pointer dereference and application crash. This can be achieved through an empty location element in an XML Shareable Playlist Format (XSPF) document. The parse track node function in the XSPF playlist parser is affected.

Recommendations For versions prior to 1.0.6, update to version 1.0.6 or later to resolve the issue. As a temporary workaround, consider avoiding the use of empty location elements in XSPF documents to minimize the risk of exploitation.