vendor:
Hamster Audio Player
by:
hack4love
7,6
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: Hamster Audio Player
Affected Version From: 0.3a
Affected Version To: 0.3a
Patch Exists: YES
Related CWE: N/A
CPE: a:hamster_soft:hamster_audio_player
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2009
Hamster Audio Player 0.3a (Associations.cfg) Local Buffer Exploit //sp2(SEH)
Hamster Audio Player 0.3a is vulnerable to a local buffer overflow vulnerability when a specially crafted Associations.cfg file is placed in the same directory as the application. This can be exploited to execute arbitrary code by overwriting the SEH handler with a pointer to malicious code.
Mitigation:
Upgrade to the latest version of Hamster Audio Player.