Zortam ID3 Tag Editor 5.0 Remote Stack Overflow Vulnerability
Title: Zortam ID3 Tag Editor 5.0 Remote Stack Overflow Vulnerability
Advisory ID: ZSL-2009-4919
Type: Local/Remote
Impact: System Access, DoS
Risk: (3/5)
Release Date: 16.07.2009
aimp2_evil.mp3
[2] http://securityreason.com/exploitalert/6634
[3] http://zeroscience.mk/codes/aimp2_evil.mp3
[4] http://milw0rm.com/sploits/2009-aimp2_evil.mp3
[5] http://securityreason.com/download/11/13
Web: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk
Advisory ID: ZSL-2009-4919
Type: Local/Remote
Impact: System Access, DoS
Risk: (3/5)
Release Date: 16.07.2009
Summary
Zortam ID3 Tag Editor is all-in-one MP3 organizer application for editing ID3 tags (Mp3 ID3 Tag Editor) with support for ID3v1 and ID3v2 tags, managing M3u playlists (Playlist manager), renaming files (Mp3 Renamer) using ID3 tags, searching for duplicate Mp3 files, searching and cataloguing Mp3 files into Mp3 library, listening Mp3's using your favorite Mp3 player and much more. You can even add lyrics and picture to ID3 tags(cover, artist picture, etc.) to your Mp3 files.Description
Zortam ID3 Tag Editor is prone to a stack-based buffer-overflow vulnerability because the application fails to handle malformed mp3 files. An attacker can exploit this issue to execute arbitrary code within the context of the application or to trigger a denial-of-service condition.Vendor
Zortam Corp. - http://www.zortam.comAffected Version
5.0Tested On
Microsoft Windows XP Professional SP3 (English)Vendor Status
N/APoC
zortam_bof.txtaimp2_evil.mp3
Credits
Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>References
[1] http://packetstormsecurity.org/filedesc/zortamid3-overflow.txt.html[2] http://securityreason.com/exploitalert/6634
[3] http://zeroscience.mk/codes/aimp2_evil.mp3
[4] http://milw0rm.com/sploits/2009-aimp2_evil.mp3
[5] http://securityreason.com/download/11/13
Changelog
[16.07.2009] - Initial releaseContact
Zero Science LabWeb: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk