A buffer overflow could occur in VideoLAN's VLC cross-platform multimedia player when attempting to parse a specially crafted advanced systems format (ASF) movie, a researcher reported.

The vulnerability, found by security researcher Debasish Mandal, exists in the ASF demuxer of VLC media player versions 2.0.5 and earlier. To exploit the vulnerability, a user must “explicitly open a specially crafted ASF movie."