VLC Media Player '.AVI' File BOF Vulnerability (Linux)

Summary
The host is installed with VLC Media Player and is prone to buffer overflow vulnerability.
Impact
Successful exploitation could allow attackers to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. Impact Level: Application
Solution
Upgrade to the VLC media player version 1.1.11 or later, For updates refer to http://www.videolan.org/
Insight
The flaw is due to an integer underflow error when parsing the 'strf' chunk within AVI files can be exploited to cause a heap-based buffer overflow.
Affected
VLC media player version prior to 1.1.11 on Linux.
References