vendor:
Tomabo MP4 Player
by:
Saeid Atabaki
9.8
CVSS
CRITICAL
SEH Buffer Overflow
119
CWE
Product Name: Tomabo MP4 Player
Affected Version From: 3.11.2003
Affected Version To: 3.11.2003
Patch Exists: NO
Related CWE:
CPE: a:tomabo:mp4_player:3.11.3
Platforms Tested: Windows XP SP3
2015
Tomabo MP4 Player 3.11.3 – (.m3u) SEH Buffer Overflow
This is an exploit for a SEH buffer overflow vulnerability in Tomabo MP4 Player version 3.11.3. By crafting a specially crafted .m3u file, an attacker can overwrite the Structured Exception Handler (SEH) to execute arbitrary code.
Mitigation:
Update to the latest version of Tomabo MP4 Player.