From 2ff90264227f660f681828c85cf20ee560772b70 Mon Sep 17 00:00:00 2001
From: Metasploit <metasploit@rapid7.com>
Date: Wed, 10 Oct 2018 11:56:15 -0700
Subject: [PATCH] automatic module_metadata_base.json update

---
 db/modules_metadata_base.json | 41 +++++++++++++++++++++++++++++++++++
 1 file changed, 41 insertions(+)

diff --git a/db/modules_metadata_base.json b/db/modules_metadata_base.json
index 141477c2a3..6734d83a97 100644
--- a/db/modules_metadata_base.json
+++ b/db/modules_metadata_base.json
@@ -99308,6 +99308,47 @@
     "notes": {
     }
   },
+  "exploit_windows/fileformat/vlc_mkv": {
+    "name": "VLC Media Player MKV Use After Free",
+    "full_name": "exploit/windows/fileformat/vlc_mkv",
+    "rank": 500,
+    "disclosure_date": "2018-05-24",
+    "type": "exploit",
+    "author": [
+      "Eugene Ng - GovTech",
+      "Winston Ho - GovTech"
+    ],
+    "description": "This module exploits a use after free vulnerability in\n        VideoLAN VLC =< 2.2.8. The vulnerability exists in the parsing of\n        MKV files and affects both 32 bits and 64 bits.\n\n          In order to exploit this, this module will generate two files:\n        The first .mkv file contains the main vulnerability and heap spray,\n        the second .mkv file is required in order to take the vulnerable code\n        path and should be placed under the same directory as the .mkv file.\n\n          This module has been tested against VLC v2.2.8. Tested with payloads\n        windows/exec, windows/x64/exec, windows/shell/reverse_tcp,\n        windows/x64/shell/reverse_tcp. Meterpreter payloads if used can\n        cause the application to crash instead.",
+    "references": [
+      "CVE-2018-11529",
+      "URL-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11529",
+      "EDB-44979"
+    ],
+    "is_server": true,
+    "is_client": false,
+    "platform": "Windows",
+    "arch": "",
+    "rport": null,
+    "autofilter_ports": [
+
+    ],
+    "autofilter_services": [
+
+    ],
+    "targets": [
+      "VLC 2.2.8 on Windows 10 x86",
+      "VLC 2.2.8 on Windows 10 x64"
+    ],
+    "mod_time": "2018-10-10 12:22:47 +0000",
+    "path": "/modules/exploits/windows/fileformat/vlc_mkv.rb",
+    "is_install_path": true,
+    "ref_name": "windows/fileformat/vlc_mkv",
+    "check": false,
+    "post_auth": false,
+    "default_credential": false,
+    "notes": {
+    }
+  },
   "exploit_windows/fileformat/vlc_modplug_s3m": {
     "name": "VideoLAN VLC ModPlug ReadS3M Stack Buffer Overflow",
     "full_name": "exploit/windows/fileformat/vlc_modplug_s3m",