CVE-2008-0296

VLC Media Player < 0.8.6d - Heap-Based Buffer Overflow via RTSP Long String

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-0296.

AI-analyzed exploit summary This Python script generates a malicious .ssa file that exploits a local buffer overflow in Kantaris 0.3.4 Media Player. It includes a bind shell payload (port 4444) and leverages a JMP ESP instruction for execution.

Description

Heap-based buffer overflow in the libaccess_realrtsp plugin in VideoLAN VLC Media Player 0.8.6d and earlier on Windows might allow remote RTSP servers to cause a denial of service (application crash) or execute arbitrary code via a long string.

Exploits (1)

exploitdb WORKING POC

pythonlocalwindows

https://www.exploit-db.com/exploits/5498

View Code ZIP pw:eip

This Python script generates a malicious .ssa file that exploits a local buffer overflow in Kantaris 0.3.4 Media Player. It includes a bind shell payload (port 4444) and leverages a JMP ESP instruction for execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Kantaris Media Player 0.3.4

No auth needed

Prerequisites: Victim must open the malicious .ssa file in Kantaris Media Player

MITRE ATT&CK