And another new exploit module for Metasploit.
This module exploits a stack-based buffer overflow in SonicPlayer ActiveX control (SonicMediaPlayer.dll) 3.0.0.1 installed by Roxio CinePlayer 3.2. By setting an overly long value to ‘DiskType’, an attacker can overrun a buffer and execute arbitrary code.
This vulnerability was found by Carsten Eiram of Secunia Research back in April 2007. No patch or any kind of solution is offered by the vendor. Also, there was no public exploit for this vulnerability, until now ;-)
Download roxio_cineplayer.rb.
Also on Metasploit.
References:
CVE-2007-1559
BID 23412
OSVDB 34779
Categories: Exploits, Metasploit
0 Comments | 
Comments RSS | 
TrackBack URL
RSS 2.0
ATOM 1.0
RDF 1.0
Links OPML
OpenSearch
