The host is installed with VLC Media Player and is prone to Denial of Service vulnerability.

Successful exploitation could allow attackers to crash the affected application, denying service to legitimate users. Impact Level: Application

Upgrade to the VLC media player version 1.1.3 or later, For updates refer to http://www.videolan.org/vlc/

The flaw is due to an input validation error when trying to extract meta-informations about input media through 'ID3v2' tags.

VLC media player version prior to 1.1.3 on Windows.

• http://seclists.org/oss-sec/
• http://www.videolan.org/security/sa1004.html

---

Updated on 2015-03-25