module
SPlayer 3.7 Content-Type Buffer Overflow
Disclosed | Created |
---|---|
May 4, 2011 | May 30, 2018 |
Disclosed
May 4, 2011
Created
May 30, 2018
Description
This module exploits a vulnerability in SPlayer v3.7 or prior. When SPlayer
requests the URL of a media file (video or audio), it is possible to gain arbitrary
remote code execution due to a buffer overflow caused by an exceeding length of data
as the 'Content-Type' parameter.
requests the URL of a media file (video or audio), it is possible to gain arbitrary
remote code execution due to a buffer overflow caused by an exceeding length of data
as the 'Content-Type' parameter.
Authors
xsploitedsec xsploitedsecurity@gmail.com
sinn3r sinn3r@metasploit.com
sinn3r sinn3r@metasploit.com
Platform
Windows
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.