Exploit NullSoft Winamp 5.0 - Malformed ID3v2 Tag Buffer Overflow

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
25989
Проверка EDB
  1. Пройдено
Автор
LEON JURANIC
Тип уязвимости
REMOTE
Платформа
WINDOWS
CVE
cve-2005-2310
Дата публикации
2005-07-15
Код:
source: https://www.securityfocus.com/bid/14276/info

Winamp is susceptible to a buffer overflow vulnerability in its ID3v2 functionality. This issue is due to a failure of the application to properly bounds check input data prior to copying it into a fixed size memory buffer.

This issue will facilitate remote exploitation as an attacker may distribute malicious MP3 files and entice unsuspecting users to process them with the affected application.

An attacker may exploit this issue to execute arbitrary code with the privileges of the user that activated the vulnerable application.

Versions 5.03a, 5.09, and 5.091 are reported vulnerable to this issue. Other versions are also likely affected. 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/25989.mp3
 
Источник
www.exploit-db.com

Похожие темы