Satish Kumar
2018-12-03 09:56:27 UTC
Hello VLC Team
Got bug in your VLC Android application v 3.0.13
Bug type:- Information Disclosure and Errors.
Steps to reproduce bug:-
1) In your Android phone open YouTube application and select any video file
to play.
2) then copy the video URL
3) now open the VLC application and go to option section here you will get
"OPEN MRL"
4) just open this and paste the copied URL and play the video.
5) now go to history section and there you will get the file name which you
have played now see you will get one more file name in my case it start
with the name of "MP4& initcwncaps =13025" like this
6) now just select this file you will get an error in that error you will
get the ip address of YouTube and some data.
POC:-
Attaching google drive link (mp4) just watch to conform the bug.
https://drive.google.com/file/d/1HcfLyVFQlixcSvKBIPxhon6b-CnrkZTr/view?usp=drivesdk
https://drive.google.com/file/d/1RZ184c7rzVgZLrw_6WS5VqJtBE40TTC1/view?usp=drivesdk
Thank you
Regards Satish Kumar
Got bug in your VLC Android application v 3.0.13
Bug type:- Information Disclosure and Errors.
Steps to reproduce bug:-
1) In your Android phone open YouTube application and select any video file
to play.
2) then copy the video URL
3) now open the VLC application and go to option section here you will get
"OPEN MRL"
4) just open this and paste the copied URL and play the video.
5) now go to history section and there you will get the file name which you
have played now see you will get one more file name in my case it start
with the name of "MP4& initcwncaps =13025" like this
6) now just select this file you will get an error in that error you will
get the ip address of YouTube and some data.
POC:-
Attaching google drive link (mp4) just watch to conform the bug.
https://drive.google.com/file/d/1HcfLyVFQlixcSvKBIPxhon6b-CnrkZTr/view?usp=drivesdk
https://drive.google.com/file/d/1RZ184c7rzVgZLrw_6WS5VqJtBE40TTC1/view?usp=drivesdk
Thank you
Regards Satish Kumar