[vlc-devel] CVE-2009-1045 VLC 0.9.8a DoS (crash) and possibly arbitrary code execution

Ján iankko Lieskovský iankko at seznam.cz
Tue Mar 24 18:26:02 CET 2009

Hello guys,

  the following potentially security vulnerability has been reported against VLC 0.9.8a player:


Checked it affects VLC 0.9.8a (but didn't try the latest git version).

PoC is available here: http://www.milw0rm.com/exploits/8213

Could you please address this flaw?

If already done so, please ignore this announcement.

Thanks && regards, Jan.
Jan Lieskovsky 

P.S.: Is there some dedicated e-mail address to report potential security issues in VLC other
from this one?

More information about the vlc-devel mailing list