Security problem with VLC media player (upgrade to version 0.9.8a recommended)
Binary package hint: vlc
When parsing the header of an invalid Real Media file an integer overflow might occur then trigger a heap-based buffer overflows.
If successful, a malicious third party could trigger execution of arbitrary code within the context of the VLC media player.
VLC media player 0.9.8a addresses this issue. Patches for older versions are available from the official VLC source code repository 0.9-bugfix branch.
The details of this bug is available at:
The source code of the VLC 0.9.8a is located at: