CVE-2008-1489

VLC - Integer Overflow and Heap-Based Buffer Overflow via Crafted MP4 RDRF Box

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-1489.

AI-analyzed exploit summary This exploit generates a malicious .ssa file that triggers a local buffer overflow in Kantaris 0.3.4 Media Player, executing a bind shell on port 4444. The payload uses a JMP ESP address and alphanumeric shellcode to achieve remote code execution.

Description

Integer overflow in the MP4_ReadBox_rdrf function in libmp4.c for VLC 0.8.6e allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MP4 RDRF box that triggers a heap-based buffer overflow, a different vulnerability than CVE-2008-0984.

Exploits (1)

exploitdb WORKING POC

pythonlocalwindows

https://www.exploit-db.com/exploits/5498

View Code ZIP pw:eip

This exploit generates a malicious .ssa file that triggers a local buffer overflow in Kantaris 0.3.4 Media Player, executing a bind shell on port 4444. The payload uses a JMP ESP address and alphanumeric shellcode to achieve remote code execution.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Kantaris 0.3.4 Media Player

No auth needed

Prerequisites: Victim must open the malicious .ssa file in Kantaris 0.3.4

MITRE ATT&CK