Heap-based buffer overflow in the libaccess_realrtsp plugin in VideoLAN VLC Media Player 0.8.6d and earlier on Windows might allow remote RTSP servers to cause a denial of service (application crash) or execute arbitrary code via a long string.
Exploitability
AV:NAC:LAu:NImpact
C:CI:CA:C10/AV:N/AC:L/Au:N/C:C/I:C/A:C