First published: Thu Jan 17 2008(Updated: )
The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite arbitrary files via (1) the :demuxdump-file option in a filename in a playlist, or (2) a EXTVLCOPT statement in an MP3 file, possibly an argument injection vulnerability.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
VideoLAN VLC | =0.8.6d |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.