Atomix Mp3 Buffer Overflow

2007.05.12
Credit: preth00nker
Risk: High
Local: Yes
Remote: No
CWE: CWE-Other


CVSS Base Score: 7.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

##################################################### ### ### << Buffer OverFlow >> ### A T O M I X M P 3 ### ### Preth00nker [at] gmail [dot] com ### BY PRETH00NKER ### http://mexhackteam.org ### ### an spetial dedication to my friends Shaka & 1tachi ### ###################################################### [ Introduction ] (*)Buffer Overflow or B0F: it is caused by a saturation on the stack at the momento when a strcpy() function is called and the string is LONGER than hoped. (*)AtomixMP3, it is an MP3 DJ mix software, was developed to make the technical aspect of djing literally as simple as clicking a mouse. [ Explanation ] When Atomix.exe load the MP3 available in the computer realize an strcpy function for allocate the route of the file, the risk comes when the name's file exceed the buffer located previously, it cause an overflow leaving the posibility for execute arbitrary code into the machine. [ Exploit ] http://www.mexhackteam.org/prethoonker/descargas/Atomixb0f.zip


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top