Attack: VLC SMB URI Handling

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a buffer overflow in VLC media player's handling of SMB URIs.

Additional Information

VLC Media Player is a media player for a number of platforms. The application has a web-based interface.

The application is prone to a remote stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Specifically, the issue affects the 'Win32AddConnection()' function of 'modules/access/smb.c' and arises when handling a long 'smb://' URI.

A remote attacker may exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely cause denial-of-service conditions.

VLC Media Player 0.9.9 through 1.0.1 for Windows are vulnerable; other versions may also be affected.
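The kind of boundary check whose absence is described above, as an added example; it is not VLC's code and not part of the original advisory. The function name `build_remote_name`, the `REMOTE_MAX` size and the `\\server\share` output format are assumptions made for illustration.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

#define REMOTE_MAX 260 /* assumed fixed buffer size, not taken from VLC */

/* Hypothetical helper: turn "server/share/..." (the text after "smb://")
 * into "\\server\share" in a fixed-size buffer.
 * Returns 0 on success, -1 if the input is malformed or does not fit. */
int build_remote_name(const char *path, char *out, size_t out_size)
{
    const char *slash, *share, *share_end;
    size_t server_len, share_len;
    int n;

    if (path == NULL || out == NULL || out_size == 0 || out_size > INT_MAX)
        return -1;
    out[0] = '\0';

    slash = strchr(path, '/');
    if (slash == NULL || slash == path)
        return -1; /* missing server or share */
    server_len = (size_t)(slash - path);

    share = slash + 1;
    share_end = strchr(share, '/');
    share_len = share_end ? (size_t)(share_end - share) : strlen(share);
    if (share_len == 0)
        return -1;

    /* Reject before writing: 2 backslashes + server + 1 backslash + share + NUL. */
    if (server_len + share_len + 4 > out_size)
        return -1;

    n = snprintf(out, out_size, "\\\\%.*s\\%.*s",
                 (int)server_len, path, (int)share_len, share);
    if (n < 0 || (size_t)n >= out_size) {
        out[0] = '\0';
        return -1;
    }
    return 0;
}

int main(void)
{
    char remote[REMOTE_MAX];
    /* Constructed sample input. */
    if (build_remote_name("fileserver/media/clip.avi", remote, sizeof remote) == 0)
        puts(remote);
    return 0;
}
```

An overlong server or share component is rejected before any byte is written, so the fixed-size destination can never be overrun regardless of the URI length.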

Response

A vendor fix is available in the GIT repository. Please see the references for details.

Additional References
