First published: Wed Jul 10 2013(Updated: )
The SHAddToRecentDocs function in VideoLAN VLC media player 2.0.4 and earlier might allow user-assisted attackers to cause a denial of service (crash) via a crafted file name that triggers an incorrect string-length calculation when the file is added to VLC. NOTE: it is not clear whether this issue crosses privilege boundaries or whether it can be exploited without user interaction.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Videolan Vlc Media Player | <=2.0.4 | |
Videolan Vlc Media Player | =2.0.0 | |
Videolan Vlc Media Player | =2.0.1 | |
Videolan Vlc Media Player | =2.0.2 | |
Videolan Vlc Media Player | =2.0.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.