SHARE
CORE IMPACT v7.5 - Exploits Update (Fri Jan 04 2008)
VideoLAN VLC buffer overflow subtitle exploit update
Exploits/Client Side [Windows]
• Fri Jan 04 2008
VLC is able to handle the subtitles automatically in a very simple way, it just checks the presence of ssa files with the same name of the loaded video and a possible subtitles folder. The functions which handle the MicroDvd, SSA and Vplayer subtitle formats are vulnerable to some stack based buffer-overflow vulnerabilities which can allow an attacker to execute malicious code. Added support for Windows Vista, 2003 and 2000.
Exploits Vulnerabiltiy: CVE-9999-2040