Summary : Heap overflow in AVI demuxer
Date : 12 July 2011
Affected versions : VLC media player 1.1.10 down to 0.5.0
ID : VideoLAN-SA-1106
CVE references : CVE-2011-2588
Details
VLC media player suffers from a heap overflow vulnerability
in the AVI file parser.
Impact
If successful, a malicious third party could crash the player instance.
Arbitrary code execution within the context of VLC media player might be
possible, though it was unconfirmed.
Threat mitigation
Exploitation of those bugs requires the user to explicitly open specifically
crafted malicious files.
Workarounds
The user may refrain from opening files from untrusted sources.
Alternatively, the AVI plugin (demux/libavi_plugin.*) can be removed.
This will however prevent use of any of AVI media files.
Solution
VLC media player 1.1.11 addresses this issue
and introduces further stability fixes.
A source code patch is also available as an alternative.
Credits
This vulnerability was discovered by Hossein Lotfi
and reported via Secunia.
