Title: VLC Media Player Bookmark Creation Crafted File Handling Memory Corruption
Mar 05, 2010
VLC media player is vulnerable to a buffer overflow attack when processing .mp3 file and its metadata. It fails to perform boundry checks when creating a bookmark from the malicious media file playing, resulting in a crash, overwriting ECX register.
While the evil .mp3 is playing, you go Playback > Bookmarks > Manage bookmarks > Create.
Local / Remote
Loss of Integrity