VideoLAN VLC Media Player mms Buffer Overflow (Mar 23, 2012)

By

VideoLAN VLC Media Player is an open source multimedia player. It can play various audio/video formats (MPEG, DivX, ogg, Wave etc.) as well as streaming protocols. It is highly portable and available for multiple platforms.

VLC Media Player can be instructed to open media resources referred by URIs. A URI can be supplied to VLC Media Player by embedding it in a playlist file, such as an ASX (Advanced Stream Redirector) format playlist. In a URI, a “mms” scheme (often appears as “mms://path”) addresses Windows Media Services Streaming Protocol. The generic form of the mms URI parsed by VLC media player is as follows:

mms://[[username[:password@]]hostname[:port][/path][&args…]

A stack buffer overflow vulnerability exists in VideoLAN VLC Media Player. Specifically, the vulnerability is due to improper handling of the hostname field in “mms” URIs. An attacker can exploit this vulnerability by enticing a user to open a crafted playlist file. Successful exploitation would allow for arbitrary code injection and execution with the privileges of the currently logged in user. Code injection that does not result in execution would terminate the application due to memory corruption.

The vulnerability has been assigned as CVE-2012-1775.

SonicWALL has released an IPS signature to detect and block specific exploitation attempts targeting this vulnerability. The signature is listed below:

  • 7622 VideoLAN VLC Media Player ASX Handling Buffer Overflow
Security News
The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.