Total Video Player 1.3.1 (Settings.ini) - SEH Buffer Overflow

vendor:

a:total_video_player_project:total_video_player:1.3.1

by:

HIGH

Windows 7

CVSS

Windows 8."

Buffer Overflow

Mike Czumak, Fr330wn4g3

CWE

Product Name: a:total_video_player_project:total_video_player:1.3.1

Affected Version From: Update to the latest version of Total Video Player.

Affected Version To: NO

Patch Exists: 119

Related CWE: 2013

CPE: 1.3.2001

Metasploit: Windows

Other Scripts: https://www.exploit-db.com/raw/31988

Platforms Tested: Total Video Player Project

7.5

Total Video Player 1.3.1 (Settings.ini) – SEH Buffer Overflow

This module exploits a buffer overflow in Total Video Player 1.3.1. The vulnerability occurs opening malformed Settings.ini file e.g."C:Program FilesTotal Video Player". This module has been tested successfully over Windows WinXp-Sp3-EN

Mitigation:

Source

Total Video Player 1.3.1 (Settings.ini) – SEH Buffer Overflow

Mitigation:

Exploit-DB raw data: