VLC has released a patch to address an integer overflow vulnerability in VLC Media Player. By convincing a user to open an MP4 file with a specially crafted RDRF atom, a remote attacker may be able to execute arbitrary code.

For users who compile VLC Media Player from source, VLC has provided a patch to address this issue.

US-CERT will provide more information as it becomes available.