40 matches found
QQPlayer Integer Overflow Vulnerability
QQPlayer is the latest movie and TV player from Tencent. QQPlayer supports any format of movie and music files as a local player. The QQPlayer program fails to properly handle the datalen field of the strf structure when parsing AVI files, triggering an integer overflow vulnerability when the leng...
QQPlayer-2.3.696.400p1-smi
A different SEH addr might be necessary for XP SP3 ENG. Make sure EAX aligns to the shellcode before decoding. head =''' ''' payload=head+junk+nseh+seh+adjust+shellcode+junk+foot fobj = open"poc.smi","w" fobj.writepayload fobj.close...
QQPlayer 2.3.696.400p1 (.wav) Denial of Service Vulnerability
No description provided by source. !/usr/bin/python Exploit Title: QQPlayer 2.3.696.400p1.wav Denial of Service Vulnerability Date: 07-09-2010 Author: Hadji Samir , s-Dzathotmaildotfr Software Link: www.qq.com Version: QQPlayer 2.3.696.400p1 Tested on: Windows XP sp2 CVE : Notes: Working with...
QQPlayer 2.3.696.400p1 - smi File Buffer Overflow Exploit
No description provided by source. !/usr/bin/env python Title: QQPlayer smi File Buffer Overflow Exploit Author: Lufeng Li of Neusoft Corporation Vendor: www.qq.com Platform: Windows XPSP3 Chinese Simplified Tested: QQPlayer 2.3.696.400p1 Vulnerable: QQPlayer=2.3.696.400p1 Exploit-DB Notes: A...
QQPlayer cue File Buffer Overflow Exploit
No description provided by source. !/usr/bin/env python Title: QQPlayer cue File Buffer Overflow Exploit Author: Lufeng Li of Neusoft Corporation Vendor: www.qq.com Platform: Windows XPSP3 Chinese Simplified Tested: QQPlayer 2.3.696.400 Vulnerable: QQPlayer=2.3.696.400p1 Code : head = '''FILE '''...
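QQPlayer 'quartz.dll' Heap Buffer Overflow Vulnerability
BUGTRAQ ID: 55918 QQPlayer (QQ影音) is a local player from Tencent that supports movie and music files in any format. QQPlayer 3.7.892 and other versions have a heap buffer overflow vulnerability; successful exploitation allows a remote attacker to execute arbitrary code in the context of the affected application. 0 Tencent QQPlayer Vendor patch: Tencent ------- The vendor has not yet provided a patch or upgrade; we recommend that users of this software watch the vendor's home page for the latest version: http://im.qq.com/qq/dlqq.shtml l = 3315716 "A" s1 = 0,'\x00\x00\x01\xba', 2048,...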
QQPlayer 3.7.892 - m2p 'quartz.dll' Heap Pointer Overwrite (PoC)
Exploit Title: QQPlayer 3.7.892 m2p quartz.dll heap pointer overwrite PoC Date: 10/14/2012 Author: James Ritchey Vendor Homepage: www.qq-player.com Software Link: http://www.qq-player.com/downloaden.php Version: 3.7.892 Tested on: Windows XP SP3 l = 3315716 "A" s1 = 0,'\x00\x00\x01\xba', 2048,...
QQPlayer 3.7.892 - m2p quartz.dll Heap Pointer Overwrite (PoC)
QQPlayer 3.7.892 - m2p quartz.dll Heap Pointer Overwrite PoC Exploit Title: QQPlayer 3.7.892 m2p quartz.dll heap pointer overwrite PoC Date: 10/14/2012 Author: James Ritchey Vendor Homepage: www.qq-player.com Software Link: http://www.qq-player.com/downloaden.php Version: 3.7.892 Tested on: Windo...
QQPlayer 3.7.892 Heap Pointer Overwrite
Exploit Title: QQPlayer 3.7.892 m2p quartz.dll heap pointer overwrite PoC Date: 10/14/2012 Author: James Ritchey Vendor Homepage: www.qq-player.com Software Link: http://www.qq-player.com/downloaden.php Version: 3.7.892 Tested on: Windows XP SP3 l = 3315716 "A" s1 = 0,'\x00\x00\x01\xba', 2048,...
QQPlayer MOV File Processing Buffer Overflow Vulnerability
QQPlayer is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
QQPlayer MOV File Processing Buffer Overflow Vulnerability
This host is installed with QQPlayer and is prone to buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: gbqqplayermovfilebofvuln.nasl 5366 2017-02-20 13:55:38Z cfi $ QQPlayer MOV File Processing Buffer Overflow Vulnerability Authors: Rachana Shetty Copyright: Copyright c 2012 Greenbon...
CVE-2011-5006
Stack-based buffer overflow in QQPlayer 3.2.845 allows remote attackers to execute arbitrary code via a crafted PnSize value in a MOV file...
Stack overflow
Stack-based buffer overflow in QQPlayer 3.2.845 allows remote attackers to execute arbitrary code via a crafted PnSize value in a MOV file...
CVE-2011-5006
QQPlayer MOV File Processing Buffer Overflow (CVE-2011-5006) affects QQPlayer 3.2.845. The vulnerability is a stack-based buffer overflow in MOV file processing triggered by a crafted PnSize value, enabling remote code execution. OpenVAS entries corroborate a buffer overflow risk in QQPlayer, but...
CVE-2011-5006
Stack-based buffer overflow in QQPlayer 3.2.845 allows remote attackers to execute arbitrary code via a crafted PnSize value in a MOV file...
QQPLAYER PICT PnSize Buffer Overflow
Exploit Title: QQPLAYER PICT PnSize Buffer Overflow WIN7 DEPASLR BYPASS Date: 2011,11,21 Author: hellok Software Link: http://dldir.qq.com/invc/qqplayer/QQPlayerSetup32845.exe Version: 32845lastest Tested on: WIN7 require 'msf/core' class Metasploit3 'QQPLAYER PICT PnSize Buffer Overflow WIN7...
QQPLAYER PICT PnSize Buffer Overflow WIN7 DEP_ASLR BYPASS
No description provided by source. Exploit Title: QQPLAYER PICT PnSize Buffer Overflow WIN7 DEPASLR BYPASS Date: 2011,11,21 Author: hellok Software Link: http://dldir.qq.com/invc/qqplayer/QQPlayerSetup32845.exe Version: 32845lastest Tested on: WIN7 require 'msf/core' class Metasploit3...
QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows (ASLR + DEP Bypass) (Metasploit)
QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows ASLR + DEP Bypass Metasploit...
QQplayer Memory Corruption Vulnerability
A sign-extension issue occurs in MP4Splitter.dll. .text:10023EFF mov eax, esi .text:10023F01 push 0 .text:10023F03 push 20h .text:10023F05 lea ecx, esp+40h+buff .text:10023F09 push ecx .text:10023F0A mov edx, eax+0Ch .text:10023F0D mov ecx, esi .text:10023F0F call edx ; read data from the file. .text:10023F11 movsx eax, esp+38h+buff...
QQPlayer .wav File Parsing Denial of Service Vulnerability
BUGTRAQ ID: 43033 QQPlayer (QQ影音) is a local player from Tencent that supports movie and music files in any format. The player crashes if a user is tricked into opening a malformed .wav file with QQPlayer. Tencent QQPlayer 2.3.696.400p1 Vendor patch: Tencent ------- The vendor has not yet provided a patch or upgrade; we recommend that users of this software watch the vendor's home page for the latest version: http://player.qq.com/ !/usr/bin/python Exploit Title: QQPlayer 2.3.696.400p1.wav Denial of Service Vulnerability...