
Forum Thread: CVE-2014-1954 explained

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Open Discussions

This thread has been marked as locked.
Andski CVE-2014-1954 explained
Member 13th Jun, 2014 15:48
Ranking: 0
Posts: 1
User Since: 13th Jun, 2014
System Score: N/A
Location: DE
Last edited on 13th Jun, 2014 16:14

Hello,

I have a question regarding CVE-2013-1954 - execute arbitrary code via a crafted ASF movie in VLC's ASF demuxer. If I wanted to use this vulnerability, what would be the first steps?

Don't be afraid, I don't want to do evil things (OK, everyone could say this). I have to explain the vulnerability in a course at university, and I have to explain it so that my fellow students can understand what happens and why this works. I don't want a step-by-step explanation. But if someone could give me any hints, that would be nice.


My thoughts:
If I load an ASF file into VLC, the file is read by demux/asf/asf.c. Somewhere (but at a special position, I think?) in the ASF movie file I put my code that is to be executed. How should I prepare it? Obviously I have to put the string "/bin/sh" somewhere in the ASF file (probably in hexadecimal notation).
While reading (or processing) the movie file, VLC will run into trouble (and finally crash) and execute my smuggled code.

Thanks in advance

No one has replied to this thread yet - be the first