TITLE: VLC Media Player MP4 Demuxer Arbitrary Memory Overwrite
SECUNIA ADVISORY ID: SA29122
VERIFY ADVISORY: http://secunia.com/advisories/29122/
CRITICAL: Highly critical
IMPACT: System access
WHERE: From remote
SOFTWARE: VLC media player 0.x http://secunia.com/product/7788/
DESCRIPTION: A vulnerability has been reported in VLC Media Player, which can potentially be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a boundary error within the MP4 demuxer (modules/demux/mp4/mp4.c). This can be exploited to overwrite an almost arbitrary memory address via a specially crafted MPEG-4 file.
Successful exploitation may allow execution of arbitrary code.
The vulnerability is reported in version 0.8.6d. Other versions may also be affected.
SOLUTION: Apply vendor patch. http://www.videolan.org/patches/vlc-0.8.6-CORE-2008-0130.patch
The vendor will reportedly release version 0.8.6e soon, which fixes the vulnerability.
Do not open untrusted files or browse untrusted websites.

Thanks for posting this, Broni. Missed this advisory and have VLC running on this system. Always the small programs like this that you forget about updating that people find their way in through. Not sure how a .patch is applied, couldn't figure it out. But "e" rev is available on their site now so download at:
http://www.videolan.org/mirror.php?file=vlc/0.8.6e/win32/vlc-0.8.6e-win32.exe

Thanks for posting back, because I couldn't figure patch installation either...hehehe