Groovy Media Player version 3.2.0 suffers from a buffer overflow vulnerability.
Title:
====
Groovy Media Player 3.2.0 Buffer Overflow Vulnerability
Credit:
======
Name: Akshaysinh Vaghela
Company/affiliation: Cyberoam Technologies Private Limited
Website: www.cyberoam.com
CVE:
=====
CVE-2013-2760 (Reserved)
Date:
====
21-03-2013
CL-ID:
====
CRD-2013-02
Vendor:
======
BestWebSharing continues the series of innovatory, remarkable, yet valuable multimedia applications. It combines amazing styling with advanced and compelling code to give you the best multimedia experience.
Product:
=======
Groovy Media Player is the perfect music-manager application with cool looks and a garland of features. It has Internet streaming, continuous play, mp3 to wav converting function plus a bunch of other amazing features.
Product link: http://www.bestwebsharing.com/groovy-media-player
Abstract:
=======
Cyberoam Threat Research Team discovered a Local Buffer Overflow vulnerability in Groovy Media Player 3.2.0 .
Affected Version:
=============
Ver 3.2.0
Report-Timeline:
============
21-03-2013: Vendor notification
28-03-2013: Follow-up notification sent
00-00-2013: Vendor Fix/Patch
05-04-2013: Public or Non-Public Disclosure
Exploitation-Technique:
===================
Local
Severity Rating:
===================
4.4 (AV:L/AC:M/Au:N/C:P/I:P/A:P/E:P/RL:U/RC:C)
Details:
=======
Vulnerability Description : Groovy media player is vulnerable to buffer overflow vulnerability.The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.Certain languages allow direct addressing of memory locations and do not automatically ensure that these locations are valid for the memory buffer that is being referenced. This can cause read or write operations to be performed on memory locations that may be associated with other variables, data structures, or internal program data.
Impact : Groovy Media Player is prone to a local buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input. Specifically, this issue occurs when opening a '.m3u' playlist file that contains excessive data.
Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.
-------Error Signature--------
EventType : BEX P1 : P2 : 0.0.0.0 P3 : 00000000 P4 : unknown
P5 : 0.0.0.0 P6 : 00000000 P7 : 00000000 P8 : c0000409
P9 : 00000000
Error report image link :
http://oi49.tinypic.com/2h6910g.jpg
http://oi46.tinypic.com/2a5hpqf.jpg
Caveats / Prerequisites:
======================
The attacker needs to entice victims to perform an action in order to exploit this vulnerability.
Proof Of Concept:
================
POC Exploit code:
# !/usr/bin/python
filename = "Evil.mp3"
buffer = "\x41" * 220
exploit = buffer
textfile = open(filename , 'w')
textfile.write(exploit)
textfile.close()
Risk:
=====
The security risk of the Local Buffer Overflow Vulnerability is estimated as moderate.
# 0day.today [2018-03-02] #