CVE-2007-6683

Published: 17 January 2008

The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite arbitrary files via (1) the :demuxdump-file option in a filename in a playlist, or (2) a EXTVLCOPT statement in an MP3 file, possibly an argument injection vulnerability.

Priority

Low

Status

Package Release Status
vlc
Launchpad, Ubuntu, Debian
Upstream
Released (0.8.6e)