VLC Player 2.1.5 Write Access Violation Vulnerability
Title : VLC Player 2.1.5 Write Access Violation Vulnerability Discoverer: Veysel HATAS (firstname.lastname@example.org) Web page : www.binarysniper.net Test: Windows XP SP3 Status: Not Fixed Severity : High
Discovered: 24 November 2014
Description : VLC Player contains a flaw that is triggered as user-supplied input is not properly sanitized when handling a specially crafted m2v file. This may allow a context-dependent attacker to corrupt memory and cause a denial of service or potentially execute arbitrary code.
attachment 1: windbglog.txt
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information