CVE-2009-1351
published 2009-04-21CVE-2009-1351: Heap-based buffer overflow in Apollo 37zz allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a…
PriorityP341critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
5.55%
91.9th percentile
Heap-based buffer overflow in Apollo 37zz allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long URI in a playlist (.m3u) file.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| heikki_ylinen | apollo | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Avast! 4.8.1351.0 AntiVirus - 'aswMon2.sys' Kernel Memory Corruption
exploitdb·2009-11-17
CVE-2009-3522 Avast! 4.8.1351.0 AntiVirus - 'aswMon2.sys' Kernel Memory Corruption
Avast! 4.8.1351.0 AntiVirus - 'aswMon2.sys' Kernel Memory Corruption
---
/* Avast 4.8.1351.0 antivirus aswMon2.sys Kernel Memory Corruption
*
* Author: Giuseppe 'Evilcry' Bonfa'
* E-Mail: evilcry _AT_ gmail _DOT_ com
* Website: http://evilcry.netsons.org
* http://evilcodecave.blogspot.com
* http://evilfingers.com
*
* Vendor: Notified
*
* No L.P.E. for kiddies
* /
#define WIN32_LEAN_AND_MEAN
#include
#include
BOOL OpenDevice(PWSTR DriverName, HANDLE *lphDevice) //taken from esagelab
{
WCHAR DeviceName[MAX_PATH];
HANDLE hDevice;
if ((GetVersion() & 0xFF) >= 5)
{
wcscpy(DeviceName, L"\\\\.\\Global\\");
}
else
{
wcscpy(DeviceName, L"\\\\.\\");
}
wcscat(DeviceName, DriverName);
printf("Opening.. %S\n", DeviceName);
hDevice = CreateFileW(DeviceName, GENERIC_READ |
GENERIC_WRITE, 0, NULL
Exploit-DB
Apollo 37zz - '.m3u' Local Heap Overflow (PoC)
exploitdb·2009-04-16
CVE-2009-1351 Apollo 37zz - '.m3u' Local Heap Overflow (PoC)
Apollo 37zz - '.m3u' Local Heap Overflow (PoC)
---
#!/usr/bin/perl
#
#
# *******************************************************************************
# * Apollo 37zz (.M3U File) Local Heap Overflow PoC *
# *******************************************************************************
#
# Found By : Cyber-Zone (ABDELKHALEK)
# E-mail : [email protected]
# Home : WwW.IQ-TY.CoM , WwW.No-Exploit.CoM
# Greetz to: Hussin X , Jiko , ZoRLu , Stack ,Nabilx , Mag!c ompo , And All MoroCCaN HaCkers
# And SP tHANX To : Figuig and Oujda City //Im so proud to be figuigian
#
#
# Download : http://apollo.capacala.com/Apollo37zz.exe
# Proof : http://www.exploiter5.com/blog/appolo-heap.png
#
#OllyDbg Registers
#EAX 41414141
#ECX 00000000
#EDX 00000000
#EBX 0095488C ASCII "1%num% http://AAAAAAA
No writeups or analysis indexed.
2009-04-21
Published