The VLC media player contains a stack overflow vulnerability while parsing malformed RealText (rt) subtitle files. The vulnerability can be trivially exploited by a (remote) attacker to execute arbitrary code in the context of VLC media player. Versions below 0.9.6 are affected.
61e27c6eddbf9e4287833b974a6c98a8cbff9ad64f0e65b56725d5eebcbb162b