Signature Detail

HTTP: Compressed File Downloaded for Media File Requested

This signature detects attempts to download a compressed (ZIP) file when a media file was requested. Some video players attempt to load the compressed file as a media file, which can result in arbitrary code execution.

Extended Description

VLC media player is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Attackers can leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. VLC media player 1.0.6 is vulnerable; other versions may also be affected.

Affected Products

• VideoLAN VLC media player 0.5.0
• VideoLAN VLC media player 0.6.8
• VideoLAN VLC media player 0.8.6
• VideoLAN VLC media player 0.8.6A
• VideoLAN VLC media player 0.8.6B
• VideoLAN VLC media player 0.8.6C
• VideoLAN VLC media player 0.8.6D
• VideoLAN VLC media player 0.8.6E
• VideoLAN VLC media player 0.8.6F
• VideoLAN VLC media player 0.8.6G
• VideoLAN VLC media player 0.8.6H
• VideoLAN VLC media player 0.8.6I
• VideoLAN VLC media player 0.9.0
• VideoLAN VLC media player 0.9.1
• VideoLAN VLC media player 0.9.2
• VideoLAN VLC media player 0.9.3
• VideoLAN VLC media player 0.9.4
• VideoLAN VLC media player 0.9.5
• VideoLAN VLC media player 0.9.6
• VideoLAN VLC media player 0.9.7
• VideoLAN VLC media player 0.9.8A
• VideoLAN VLC media player 0.9.9
• VideoLAN VLC media player 1.0.0
• VideoLAN VLC media player 1.0.1
• VideoLAN VLC media player 1.0.2
• VideoLAN VLC media player 1.0.3
• VideoLAN VLC media player 1.0.5
• VideoLAN VLC media player 1.0.6

References

• BugTraq: 40428