FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

vlc -- arbitrary code execution in Real RTSP and MMS support

Affected packages
vlc < 2.0.1,3

Details

VuXML ID 62f36dfd-ff56-11e1-8821-001b2134ef46
Discovery 2012-03-12
Entry 2012-09-15

Jean-Baptiste Kempf, on behalf of the VideoLAN project reports:

If successful, a malicious third party could crash the VLC media player process. Arbitrary code execution could be possible on some systems.

References

CVE Name CVE-2012-1775
CVE Name CVE-2012-1776
URL http://www.videolan.org/security/sa1201.html
URL http://www.videolan.org/security/sa1202.html