Posts Tagged ‘proof of concept’

VLC media player 1.0.5 Goldeneye (bookmarks) Remote Buffer Overflow PoC

VLC media player is a highly portable multimedia player and multimedia framework capable of reading most audio and video formats (MPEG-2, MPEG-4, H.264, DivX, MPEG-1, mp3, ogg, aac …) as well as DVDs, Audio CDs, VCDs, and various streaming protocols.

VLC media player is vulnerable to a buffer overflow when processing an .mp3 file and its metadata. It fails to perform boundary checks when creating a bookmark while the malicious media file is playing, resulting in a crash and overwriting the ECX register.

While the evil .mp3 is playing, go to Playback > Bookmarks > Manage bookmarks > Create.

More info: http://zeroscience.mk/mk/vulnerabilities/ZSL-2010-4931.php
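
A triage check for the kind of file described above, as an added example that is not from the original advisory or from VLC: it walks the frames of an ID3v2.3/2.4 tag and reports text frames longer than a limit, or frames whose declared size overruns the tag. The advisory does not say which metadata field or container is involved, so the ID3v2 focus, the 256-byte limit and all helper names are assumptions.

```python
import struct

MAX_TEXT_BYTES = 256  # assumed triage threshold, not a value from the advisory

def synchsafe(b):
    """Decode a 4-byte synchsafe integer (7 significant bits per byte)."""
    return (b[0] << 21) | (b[1] << 14) | (b[2] << 7) | b[3]

def audit_id3v2(data, limit=MAX_TEXT_BYTES):
    """Return [(frame_id, size, reason)] for suspicious frames in an ID3v2.3/2.4 tag."""
    findings = []
    if len(data) < 10 or data[:3] != b"ID3":
        return findings                       # no ID3v2 tag at the start of the file
    major, flags = data[3], data[5]
    if major not in (3, 4) or flags & 0x40:
        raise ValueError("only ID3v2.3/2.4 without extended header handled")
    if any(x & 0x80 for x in data[6:10]):
        raise ValueError("tag size is not synchsafe")
    end = 10 + synchsafe(data[6:10])
    if end > len(data):
        findings.append(("<tag>", end - 10, "declared tag size exceeds file"))
        end = len(data)
    pos = 10
    while pos + 10 <= end and data[pos] != 0:  # a zero byte marks padding
        fid = data[pos:pos + 4].decode("latin-1")
        raw = data[pos + 4:pos + 8]
        # v2.4 frame sizes are synchsafe, v2.3 sizes are plain big-endian
        size = synchsafe(raw) if major == 4 else struct.unpack(">I", raw)[0]
        body = pos + 10
        if body + size > end:
            findings.append((fid, size, "frame runs past end of tag"))
            break
        if fid.startswith("T") and size > limit:
            findings.append((fid, size, "text frame longer than limit"))
        pos = body + size
    return findings

def make_tag(frames, major=3):
    """Build a constructed ID3v2 tag from (frame_id, payload) pairs for testing."""
    enc = lambda n: bytes([(n >> 21) & 0x7F, (n >> 14) & 0x7F, (n >> 7) & 0x7F, n & 0x7F])
    body = b""
    for fid, payload in frames:
        size = enc(len(payload)) if major == 4 else struct.pack(">I", len(payload))
        body += fid.encode() + size + b"\x00\x00" + payload
    return b"ID3" + bytes([major, 0, 0]) + enc(len(body)) + body

# Constructed samples; the leading 0x00 in each payload is the Latin-1 encoding byte
BENIGN = make_tag([("TIT2", b"\x00Song"), ("TPE1", b"\x00Artist")])
OVERSIZED = make_tag([("TIT2", b"\x00" + b"x" * 4000)])
```

A finding only means the file deserves a closer look before it is opened in an affected player; long text frames also occur in legitimate files.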