"The VideoLAN Project developers have announced the release of version
1.1.5 of their VLC Media Player, a free open source cross-platform
multimedia player for various audio and video formats. The latest
maintenance and security update includes various translation updates,
several bug fixes and addresses a Windows only security issue.
According to the developers, VLC 1.1.5 addresses a stack smashing
vulnerability in Samba access on Windows systems that could lead to the
execution of arbitrary code on a victim's system. For an attack to be
successful, a victim must first open a specially crafted file or connect
to a remote network directory that contains malicious code. All versions
of VLC up to 1.1.4 are reportedly affected."
It is recommended that VLC users on Windows Platform update their
version of VLC to 1.1.5.