Music Tag Editor 1.61 build 212 Remote Buffer Overflow PoC

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Music Tag Editor 1.61 build 212 Remote Buffer Overflow PoC
# Published : 2009-07-16
# Author : LiquidWorm
# Previous Title : Microsoft Office Web Components (Spreadsheet) ActiveX BOF PoC
# Next Title : Zortam MP3 Player 1.50 (m3u) Integer Division by Zero Exploit

==

* Music Tag Editor 1.61 build 212 Remote Buffer Overflow PoC *

Product: http://www.assistanttools.com/products/tag_editors/music_tag_editor/index.shtml
Tested On Microsoft Windows XP Professional SP3 (English)

Vulnerability Discovered By Gjoko 'LiquidWorm' Krstic
liquidworm gmail com
Zero Science Lab - http://www.zeroscience.org/
15.07.2009

==

(8bc.86c): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
eax=00410041 ebx=00000000 ecx=0010fa80 edx=00410041 esi=001e5fb0 edi=000fd060
eip=cccccccc esp=000fcfa0 ebp=000fcff8 iopl=0         nv up ei pl nz ac po nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00010212
cccccccc ?? 

==

*** Proof Of Concept: http://zeroscience.org/codes/aimp2_evil.mp3
		      http://exploit-db.com/sploits/2009-aimp2_evil.mp3

** Note: The same PoC used in:
- http://secunia.com/advisories/35305/
- http://secunia.com/advisories/35295/

EOF

# www.Syue.com [2009-07-16]