Exploit NullSoft Winamp 2.64 - '.m3u' Playlist Buffer Overflow

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
20094
Проверка EDB
  1. Пройдено
Автор
PAULI OJANPERA
Тип уязвимости
DOS
Платформа
WINDOWS
CVE
cve-2000-0624
Дата публикации
2001-01-17
Код:
source: https://www.securityfocus.com/bid/1496/info

The M3U Playlist file parser in NullSoft Winamp does not perform proper bounds checking with the extension "#EXTINF:". Therefore, entering a string consisting of over 280 characters in conjunction with this parameter will cause a buffer overflow condition which will either crash the application or allow for arbitrary code to be executed, depending on the data entered.

Cut and paste the following into a M3U file:

EXTM3U
#EXTINF:<string of of over 280 characters>
 
Источник
www.exploit-db.com

Похожие темы