NuytsTech Security

CVE-2007-6683

by ·

The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite arbitrary files via (1) the :demuxdump-file option in a filename in a playlist, or (2) a EXTVLCOPT statement in an MP3 file, possibly an argument injection vulnerability.

Date published : 2008-01-16

http://www.securityfocus.com/bid/28712

https://trac.videolan.org/vlc/changeset/23197

Tags: