31 matches found
Winamp Maki File Buffer Overflow (CVE-2009-1831)
A buffer overflow vulnerability has been reported in Nullsoft Winamp. The vulnerability is due to an incorrect type cast while parsing a .maki file, causing a buffer overflow. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected...
Mapbox: XSS (cross-site scripting) on www.mapbox.com/maki
Hi there, There is an XSS that allows injecting code through the variable window.name. I had found it two weeks ago but like I told you in the email I was unable to submit you the report. PoC: window.open"https://www.mapbox.com/maki/", "alertdocument.cookie"; This is due to the print of the value...
Winamp <= 5.55 (MAKI script) Universal Integer Overflow Exploit
No description provided by source. Winamp = 5.55 MAKI script Universal Integer Overflow Exploit By: Encrypt3d.M!nd Based on: http://milw0rm.com/exploits/8767 place mcvcore.maki on \Winamp\Skins\Bento\scripts and run winmap NOTE:i've tested this on version 5.51,if it isn't workin' with your versio...
Winamp - MAKI Buffer Overflow (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Winamp MAKI Buffer Overflow',...
Winamp MAKI Buffer Overflow
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Winamp MAKI Buffer Overflow',...
Winamp MAKI Buffer Overflow
This module exploits a stack-based buffer overflow in Winamp 5.55. The flaw exists in gen_ff.dll and occurs while parsing a specially crafted MAKI file, where memmove is used in an insecure way with user-controlled data. To exploit the vulnerability the attacker must convince the victim to...
Winamp gen_ff.dll Buffer Overflow Vulnerability
Winamp is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2009-1831
The Nullsoft Modern Skins Support module gen_ff.dll in Nullsoft Winamp before 5.552 allows remote attackers to execute arbitrary code via a crafted MAKI file, which triggers an incorrect sign extension, an integer overflow, and a stack-based buffer overflow...
CVE-2009-1831
The CVE-2009-1831 flaw affects Nullsoft Winamp’s gen_ff.dll in versions before 5.552. It allows a remote attacker to trigger a stack-based buffer overflow while parsing a MAKI file, caused by an incorrect sign extension and an integer overflow. Result: remote code execution or crashes as describe...
WinAMP 5.551 MAKI Parsing Integer Overflow
/ Winamp 5.551 MAKI Parsing Integer Overflow Exploit !!! Tested on :Vista sp1 and Xpsp3 Release Date :May 22 2009 Venders web site :http://www.winamp.com/ Version Tested:Winamp 5.551 Not vulnerable :Winamp 5.552 Credits to Monica Sojeong Hong down at vrt-sourcefire for the overflow...
Winamp 5.551 - MAKI Parsing Integer Overflow
Winamp 5.551 - MAKI Parsing Integer Overflow / Winamp 5.551 MAKI Parsing Integer Overflow Exploit !!! Tested on :Vista sp1 and Xpsp3 Release Date :May 22 2009 Venders web site :http://www.winamp.com/ Version Tested:Winamp 5.551 Not vulnerable :Winamp 5.552 Credits to Monica Sojeong Hong down at...
Winamp 5.551 - MAKI Parsing Integer Overflow
/ Winamp 5.551 MAKI Parsing Integer Overflow Exploit !!! Tested on :Vista sp1 and Xpsp3 Release Date :May 22 2009 Venders web site :http://www.winamp.com/ Version Tested:Winamp 5.551 Not vulnerable :Winamp 5.552 Credits to Monica Sojeong Hong down at vrt-sourcefire for the overflow...
WinAMP 5.55 Integer Overflow
Winamp = 5.55 MAKI script Universal Integer Overflow Exploit By: Encrypt3d.M!nd Based on: http://milw0rm.com/exploits/8767 place "mcvcore.maki" on "\Winamp\Skins\Bento\scripts" and run winmap NOTE:i've tested this on version 5.51,if it isn't workin' with your version. just edit the calculations o...
WinAMP 5.551 MAKI Integer Overflow
/ Winamp 5.551 MAKI Parsing Integer Overflow Vulnerability This is just a simple poc code to show how to exploit the recent MAKI file parsing vulnerability. Tested on :Vista sp1 and Xpsp3 Release Date :May 22 2009 Venders web site :http://www.winamp.com/ Version Teasted:Winamp 5.551 Not vulnerabl...
Winamp <= 5.55 (MAKI script) Universal Integer Overflow Exploit
No description provided by source. Winamp = 5.55 MAKI script Universal Integer Overflow Exploit By: Encrypt3d.M!nd Based on: http://milw0rm.com/exploits/8767 place "mcvcore.maki" on "\Winamp\Skins\Bento\scripts" and run winmap NOTE:i've tested this on version 5.51,if it isn't workin' with your...
Winamp 5.551 MAKI Parsing Integer Overflow PoC
No description provided by source. / Winamp 5.551 MAKI Parsing Integer Overflow Vulnerability This is just a simple poc code to show how to exploit the recent MAKI file parsing vulnerability. Tested on :Vista sp1 and Xpsp3 Release Date :May 22 2009 Venders web site :http://www.winamp.com/ Version...
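Winamp MAKI Script Parsing Module Stack Overflow Vulnerability
BUGTRAQ ID: 35052 Winamp is a popular media player that supports multiple file formats. Winamp does not perform a correct type cast when parsing .maki files (a compiled script file), which may lead to a buffer overflow. An attacker could provide users with a modern skin file via a web page or download, and that skin file uses a maki script to execute arbitrary code in the context of the current user. Winamp's modern skin script engine reads strings from .maki files; the string format is as follows (multi-byte values are little-endian byte sequences): Offset Size Description --------- ------ --------------------------------------...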
Winamp <= 5.55 (MAKI script) Universal Seh Overwrite Exploit
No description provided by source. usage: python winampmakiscript.py Note : I got problem while using this python file under windows,but it works great under ubuntu :p print "" print " Winamp = 5.55 MAKI script Universal Seh Overwrite Exploit\n" print " Advisory :...
Winamp 5.55 - MAKI Script Universal Overwrite (SEH)
Winamp 5.55 - MAKI Script Universal Overwrite SEH usage: python winampmakiscript.py Note : I got problem while using this python file under windows,but it works great under ubuntu :p print "" print " Winamp = 5.55 MAKI script Universal Seh Overwrite Exploit\n" print " Advisory :...
Winamp 5.551 MAKI Parsing Integer Overflow PoC
Exploit for unknown platform in category dos / poc ============================================== Winamp 5.551 MAKI Parsing Integer Overflow PoC ============================================== / Winamp 5.551 MAKI Parsing Integer Overflow Vulnerability This is just a simple poc code to show how to...