vendor:
CoolPlayer
by:
Trancek
N/A
CVSS
HIGH
Buffer Overflow
121
CWE
Product Name: CoolPlayer
Affected Version From: CoolPlayer 2.17
Affected Version To: CoolPlayer 2.17
Patch Exists: NO
Related CWE:
CPE: a:coolplayer_project:coolplayer:2.17
Platforms Tested: Windows
CoolPlayer, Latest Build: 217 Playlist(.m3u) File Local Buffer Overflow Exploit
This exploit targets a buffer overflow vulnerability in CoolPlayer. By creating a specially crafted .m3u playlist file, an attacker can execute arbitrary code on the target system. The exploit uses a return address located at 0x7C951EED (jmp esp in ntdll.dll) to redirect program execution to the shellcode. The shellcode used in this exploit is a bind shell payload generated by Metasploit, which establishes a reverse shell connection to the attacker's machine on port 4444.
Mitigation:
Update to the latest version of CoolPlayer to mitigate this vulnerability. Avoid opening untrusted .m3u playlist files.