CVE-2011-0522

VLC Media Player - Remote Code Execution via Malformed Subtitle Tag in MKV File

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-0522. PoCs published by Harry Sintonen.

AI-analyzed exploit summary This exploit leverages a heap-based memory corruption vulnerability in VLC media player by crafting a malicious MKV file with manipulated subtitles. The PoC provides commands to create a corrupted file and trigger the vulnerability, potentially leading to arbitrary code execution or denial-of-service.

Description

The StripTags function in (1) the USF decoder (modules/codec/subtitles/subsdec.c) and (2) the Text decoder (modules/codec/subtitles/subsusf.c) in VideoLAN VLC Media Player 1.1 before 1.1.6-rc allows remote attackers to execute arbitrary code via a subtitle with an opening "<" without a closing ">" in an MKV file, which triggers heap memory corruption, as demonstrated using refined-australia-blu720p-sample.mkv.

Exploits (1)

exploitdb WORKING POC

by Harry Sintonen · textdosmultiple

https://www.exploit-db.com/exploits/16108

View Code ZIP pw:eip

This exploit leverages a heap-based memory corruption vulnerability in VLC media player by crafting a malicious MKV file with manipulated subtitles. The PoC provides commands to create a corrupted file and trigger the vulnerability, potentially leading to arbitrary code execution or denial-of-service.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Racy

Target: VLC media player (versions affected by CVE-2011-0522)

No auth needed

Prerequisites: VLC media player installed · User interaction to open the malicious file

MITRE ATT&CK