Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2008-4654 PoC — VLC媒体播放器TY文件处理栈溢出漏洞

Source
https://github.com/rnnsz/CVE-2008-4654
Associated Vulnerability
Title:VLC媒体播放器TY文件处理栈溢出漏洞 (CVE-2008-4654)
Description:Stack-based buffer overflow in the parse_master function in the Ty demux plugin (modules/demux/ty.c) in VLC Media Player 0.9.0 through 0.9.4 allows remote attackers to execute arbitrary code via a TiVo TY media file with a header containing a crafted size value.
Readme
# CVE-2008-4654

PoC exploit for vulnerability CVE-2008-4654 VLC Media Player Stack-Based Buffer Overflow via TiVo Ty file extension.

## Usage

Run the script having a sample .ty+ file inside the same folder as the script. The ty+ file will be modified to execute the payload when opened with VLC Media Player. The file containing the payload will be called **POCPayload.ty+**.

```bash
python3 payloadGenerator_CVE-2008-4654.py
```
File Snapshot

 [4.0K]  /data/pocs/58a30d95c10db412512b6cf87bb5e0bd63d536c3
├── [ 34K]  LICENSE
├── [1.9K]  payloadGenerator_CVE-2008-4654.py
├── [5.0M]  POC.ty+
└── [ 434]  README.md

0 directories, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →