header-logo
Suggest Exploit
vendor:
CoolPlayer
by:
Unknown
7.5
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: CoolPlayer
Affected Version From: CoolPlayer 217
Affected Version To: Unknown
Patch Exists: NO
Related CWE: Not available
CPE: a:coolplayer_project:coolplayer:217
Metasploit:
Other Scripts:
Platforms Tested: Windows (platform tested not specified)
Unknown

CoolPlayer Buffer Overflow Vulnerability

CoolPlayer is prone to a buffer-overflow vulnerability due to inadequate boundary checks on user-supplied data. The vulnerability occurs when handling specially crafted OGG files. Successful exploitation of this vulnerability allows remote attackers to execute arbitrary code within the application's context. Failed exploit attempts may result in denial-of-service conditions.

Mitigation:

To mitigate this vulnerability, it is recommended to update to a patched version of CoolPlayer. Additionally, exercise caution when opening OGG files from untrusted sources.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/27061/info

CoolPlayer is prone a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.

The issue occurs when handling specially crafted OGG files.

Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application. Failed exploit attempts likely result in denial-of-service conditions.

CoolPlayer 217 is vulnerable; other versions may also be affected.

vorbiscomment -t cTag=AAA_2500_A's_AAA -a input.ogg output.ogg

Navigation

Suggest Exploit

Services By CQR