MPlayer SAMI Subtitle File Buffer Overflow

This module exploits a stack-based buffer overflow in the handling of SAMI subtitle files in MPlayer SVN versions before 33471. It currently targets SMPlayer 0.6.8, which is distributed with a vulnerable version of MPlayer. The overflow is triggered when an unsuspecting victim first opens a movie file and then loads the malicious SAMI subtitle file from the GUI. It can also be triggered from the console with the MPlayer "-sub" option.

Module Name

exploit/windows/fileformat/mplayer_sami_bof

Authors

  • Jacques Louw
  • juan vazquez <juan.vazquez [at] metasploit.com>

References

Targets

  • SMPlayer 0.6.8 / mplayer.exe Sherpya-SVN-r29355-4.5.0 / Windows XP English SP3

Platforms

  • windows

Reliability

Development

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

    msf > use exploit/windows/fileformat/mplayer_sami_bof
    msf exploit(mplayer_sami_bof) > show targets
        ...targets...
    msf exploit(mplayer_sami_bof) > set TARGET <target-id>
    msf exploit(mplayer_sami_bof) > show options
        ...show and set options...
    msf exploit(mplayer_sami_bof) > exploit