Name of the Vulnerable Software and Affected Versions VLC (affected versions not specified)

Description A remote user can create a specifically crafted file to trigger various issues, including remote code execution through a crafted playlist by tricking the user into interacting with its elements. Additionally, read or write buffer overflows can be triggered with crafted files or through a Man-In-The-Middle (MITM) attack on the automatic updater. If successful, this could result in either a crash of VLC or arbitrary code execution with the privileges of the target user.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.