The host is installed with VLC Media Player 1.0.0 through 1.1.9 and is prone to buffer-overflow vulnerability. A flaw is present in the application which fails to perform adequate checks on user-supplied input when a user attempts to create a bookmark via the 'Playback' menu while playing an mp3 audio file containing crafted ID3 metadata tags. Successful exploitation allows remote attacker to exec ...