Zortam ID3 Tag Editor 5.0 Remote Stack Overflow Vulnerability

🗓️ 16 Jul 2009 00:00:00Reported by Gjoko KrsticType

zeroscience🔗 www.zeroscience.mk👁 19 Views

Zortam ID3 Tag Editor 5.0 Remote Stack Overflow Vulnerability in MP3 File

<html><body><p>###################################################################################

Title: Zortam ID3 Tag Editor 5.0 (mp3 file) Remote Stack Overflow Vulnerability

Product Web Page: http://www.zortam.com/

Tested On: Microsoft Windows XP Professional SP3 (English)

Desc: Just download the PoC, and search for media or navigate with the vuln program
in the folder where the evil .mp3 file is located...boom.

Vulnerability Discovered by Gjoko 'LiquidWorm' Krstic

liquidworm gmail com

Zero Science Lab (c) 2009
Macedonian Security Research &amp; Development Laboratory
http://www.zeroscience.org/

16.07.2009

###################################################################################
1. PoC: http://zeroscience.org/codes/aimp2_evil.mp3
2. PoC: http://milw0rm.com/sploits/2009-aimp2_evil.mp3
3. PoC: http://securityreason.com/download/11/13
###################################################################################

###################################################################################</p></body></html>

16 Jul 2009 00:00Current

6.2Medium risk

Vulners AI Score6.2