VLC Windows 2.2.7 Crash due to Out-of-Bound Heap Memory Write

Overview

I have found a vulnerability in VLC media player 2.2.7 for Windows which will cause a crash due to an out-of-bounds heap memory write when calling memcpy() with a wrong size. The vulnerability can cause denial of service and may further cause code execution by overwriting the next heap structure.

The attachment is a RAR package which includes a detailed analysis report and a PoC file. In order to avoid disclosing it before a patch is released, I have encrypted it. The developers can contact me to get the password.

Author

name: Jiaqi Peng, Bingchang Liu @VARAS of IIE

email: pjqruc@gmail.com
