OSVDB ID: 62728

Title: VLC Media Player Bookmark Creation Crafted File Handling Memory Corruption

Info

Disclosure

Mar 05, 2010

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

VLC media player is vulnerable to a buffer overflow attack when processing .mp3 file and its metadata. It fails to perform boundry checks when creating a bookmark from the malicious media file playing, resulting in a crash, overwriting ECX register. While the evil .mp3 is playing, you go Playback > Bookmarks > Manage bookmarks > Create.

Classification

Location: Local / Remote
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Solution Unknown

Solution

Products

Unknown or Incomplete

References

OVAL ID: 14532
CVE ID: 2011-1087 (see also: NVD)
Bugtraq ID: 38569
Secunia Advisory ID: 38853
Related OSVDB ID: 62728
Other Advisory URL: http://openwall.com/lists/oss-security/2011/03/02/3
http://openwall.com/lists/oss-security/2011/03/03/8
http://openwall.com/lists/oss-security/2011/03/03/9
http://openwall.com/lists/oss-security/2011/03/28/7
http://securityreason.com/exploitalert/7891
http://www.juniper.net/security/auto/vulnerabilities/vuln38569.html
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4931.php
Packet Storm: http://www.packetstormsecurity.org/filedesc/vlcmediaplayer-overflow.txt.html
Vendor URL: http://www.videolan.org
Generic Exploit URL: http://www.zeroscience.mk/codes/aimp2_evil.mp3

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/62728