module
DVD X Player 5.5 .plf PlayList Buffer Overflow
| Disclosed | Created |
|---|---|
| Jun 2, 2007 | May 30, 2018 |
Disclosed
Jun 2, 2007
Created
May 30, 2018
Description
This module exploits a stack-based buffer overflow on DVD X Player 5.5 Pro and
Standard. By supplying a long string of data in a plf file (playlist), the
MediaPlayerCtrl.dll component will attempt to extract a filename out of the string,
and then copy it on the stack without any proper bounds checking, which causes a
buffer overflow, and results in arbitrary code execution under the context of the user.
This module has been designed to target common Windows systems such as:
Windows XP SP2/SP3, Windows Vista, and Windows 7.
Standard. By supplying a long string of data in a plf file (playlist), the
MediaPlayerCtrl.dll component will attempt to extract a filename out of the string,
and then copy it on the stack without any proper bounds checking, which causes a
buffer overflow, and results in arbitrary code execution under the context of the user.
This module has been designed to target common Windows systems such as:
Windows XP SP2/SP3, Windows Vista, and Windows 7.
Authors
n00b
D3r K0n!G
sickness
sinn3r sinn3r@metasploit.com
D3r K0n!G
sickness
sinn3r sinn3r@metasploit.com
Platform
Windows
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.