CVE-2010-3124

Priority
Low
Description
Untrusted search path vulnerability in bin/winvlc.c in VLC Media Player
1.1.3 and earlier allows local users, and possibly remote attackers, to
execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse
wintab32.dll that is located in the same folder as a .mp3 file.
References
Notes
 mdeslaur> This is Windows-specific
Package
Source: vlc (LP Ubuntu Debian)
Upstream:released (1.1.4)
Patches:
Upstream:http://git.videolan.org/?p=vlc/vlc-1.1.git;a=blobdiff;f=bin/winvlc.c;h=ac9b97ca9f5f9ba001f13bf61eb5127a1c1dbcbf;hp=2d09cba320e3b0def7069ce1ebab25d1340161c5;hb=43a31df56c37bd62c691cdbe3c1f11babd164b56;hpb=2d366da738b19f8d761d7084746c6db6f52808c6
More Information

Updated: 2018-06-26 04:37:27 UTC (commit 7799c934cca373482531a7b00e4dfe82302ceae5)