Vendor: VLC Media Player
By: D3V!L FUCKER and germaya_x
CVSS: 9.3 (HIGH)
CWE: 119 (Buffer Overflow)
Product Name: VLC Media Player
Affected Version From: 0.8.6i
Affected Version To: 0.8.6i
Patch Exists: No
Related CWE: N/A
CPE: a:videolan:vlc_media_player
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP2
2009

VLC ActiveX Remote Buffer Overflow POC

This exploit is a proof-of-concept (POC) for a buffer overflow vulnerability in the VLC ActiveX control. The vulnerability is triggered when a maliciously crafted HTML page is opened in Internet Explorer. The page contains a VBScript that launches the VLC ActiveX control with a specially crafted argument. The argument carries shellcode, which is executed when the control is launched and is designed to open a command prompt window.

Mitigation:

Disable ActiveX controls in Internet Explorer, or use a different web browser.
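
A defender-side check for the trigger described above, as an added example that is not part of the original advisory or the PoC: it scans HTML (for example, pages captured at a proxy or mail gateway) for an <object> tag that instantiates the VLC ActiveX control by the CLSID shown in the raw data, and reports whether a script on the page calls into it. The sample pages and the name placeholderMethod are constructed for illustration.

```python
import re
from html.parser import HTMLParser

# CLSID copied from the <object> tag in this page's raw PoC data.
VLC_CLSID = "9BE31822-FDAD-461B-AD51-BE1D1C159921"

class ActiveXFinder(HTMLParser):
    """Collects ids of <object> tags that load the VLC control, plus script bodies."""
    def __init__(self):
        super().__init__()
        self.object_ids, self.scripts, self._in_script = [], [], False

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "object":
            # Accept "clsid:GUID" and "clsid:{GUID}" in any letter case.
            classid = a.get("classid", "").strip().lower()
            if classid.replace("{", "").replace("}", "") == "clsid:" + VLC_CLSID.lower():
                self.object_ids.append(a.get("id", ""))
        elif tag == "script":
            self._in_script = True
            self.scripts.append("")

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        if self._in_script:
            self.scripts[-1] += data

def scan_html(html):
    """Return one finding per VLC control: its id and whether a script calls it."""
    finder = ActiveXFinder()
    finder.feed(html)
    finder.close()
    findings = []
    for oid in finder.object_ids:
        call = re.compile(r"\b" + re.escape(oid) + r"\s*\.", re.I) if oid else None
        scripted = bool(call) and any(call.search(s) for s in finder.scripts)
        findings.append({"id": oid, "scripted": scripted})
    return findings

# Constructed samples; "placeholderMethod" is a made-up name, not the control's API.
SUSPECT = ("<html><object classid='clsid:9BE31822-FDAD-461B-AD51-BE1D1C159921' "
           "id='target'></object><script language='vbscript'>\n"
           "target.placeholderMethod \"x\"\n</script></html>")
BENIGN = "<html><object classid='clsid:00000000-0000-0000-0000-000000000000' id='t'></object></html>"

if __name__ == "__main__":
    print(scan_html(SUSPECT), scan_html(BENIGN))
```

A finding with scripted set to True means the page both loads the control and drives it from script, which is the pattern the description above attributes to the PoC.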

Exploit-DB raw data:

<html>
exploit:[vlc ActiveX remote buffer overflow poc]
Author :[D3V!L FUCKER and germaya_x]
soft   :[vlc player]
version:[o.8.6i]
tested :[win xp sp2]
Greetz [2] : WwW.v99x.CoM we miss you ,his0k4


<object classid='clsid:9BE31822-FDAD-461B-AD51-BE1D1C159921' id='target' ></object>