VLC Media Player Buffer Overflow in HTML Subtitle Parser Lets Remote Users Execute Arbitrary Code
VLC Media Player 2.0.4, possibly earlier versions
Some vulnerabilities have been reported in VLC Media Player
Some vulnerabilities have been reported in VLC Media Player, which can be exploited by malicious people to compromise a user's system.
The vulnerabilities are caused due to errors when parsing HTML subtitles in modules/codec/subsdec.c and can be exploited to cause buffer overflows via a specially crafted subtitle file.
A remote user can create a file that, when loaded by the target user, will execute arbitrary code on the target user's system.