VLC Media Player XSPF Playlist Integer Overflow Vulnerability (Windows)

Summary
The host is installed with VLC Media Player and is prone integer overflow vulnerability.
Impact
Successful exploitation could allow attackers to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. Impact Level: System/Application
Solution
Upgrade to the VLC media player version 1.1.10 or later, For updates refer to http://download.videolan.org/pub/videolan/vlc/
Insight
The flaw is due to an integer overflow in XSPF playlist file parser, which allows attackers to execute arbitrary code via unspecified vectors.
Affected
VLC media player version 0.8.5 through 1.1.9
References