Zero Science Lab » ViPlay3 <= 3.00 (.vpl) Local Stack Overflow PoC

ViPlay3 <= 3.00 (.vpl) Local Stack Overflow PoC

Title: ViPlay3 <= 3.00 (.vpl) Local Stack Overflow PoC
Advisory ID: ZSL-2009-4913
Type: Local
Impact: System Access, DoS
Risk: (3/5)
Release Date: 08.05.2009

Summary

ViPlay3 is a freeware movie player designed to play the most popular movie types using overlaying technology for a faster and more efficient way of video playback.

Description

URUWorks ViPlay3 is prone to a remote buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input (.vpl file). Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

Vendor

URUWorks - http://www.urusoft.net

Affected Version

3.00

Tested On

Microsoft Windows XP Professional SP3 (English)

Vendor Status

N/A

PoC

viplay_poc.pl

Credits

Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>

References

[1] http://packetstormsecurity.org/filedesc/viplay-overflow.txt.html
[2] http://www.securityfocus.com/bid/34877
[3] http://www.milw0rm.com/exploits/8644
[4] http://securityreason.com/exploitalert/6188

Changelog

[08.05.2009] - Initial release

Contact

Zero Science Lab

Web: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk