Friday, February 17, 2012

GOM Player '.asx' File Unicode Stack Buffer Overflow Vulnerability [0day] [CVE-2007-0707]

GOM Player is prone to a remote stack-based buffer-overflow vulnerability. The vulnerability is caused by a boundary error when parsing a URL within playlist files. This can be exploited to cause a stack-based buffer overflow via a specially crafted playlist file, e.g. PLS or ASX.



Successful exploitation allows execution of arbitrary code, but requires tricking a user into opening a malicious file.
Failed attacks may cause a denial-of-service condition.

GOM Player 2.1.33.5071 is vulnerable.

Testing shows that GOM Player version 2.1.39.5101 Release [2012.01.10] is no longer vulnerable.
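
A defensive triage sketch for the flaw described above, added here as an example and not part of the original post or of GOM Player: it extracts URL entries from ASX and PLS playlists and reports any that exceed a length threshold. The 2048-character limit, the function names and the sample inputs are assumptions; the page does not state the length that triggers the overflow.

```python
import re

# Assumed policy threshold: the page states no overflow length, so this is
# a conservative cut-off, not the size of the buffer in GOM Player.
MAX_URL_LEN = 2048

# ASX is case-insensitive and often not well-formed XML, so match href on
# any element (ref, entryref, base, ...) with a regex instead of a parser.
ASX_HREF = re.compile(r'href\s*=\s*(?:"([^"]*)"|\'([^\']*)\'|([^\s>]+))', re.I)
# PLS: FileN=<url> lines under the [playlist] header.
PLS_FILE = re.compile(r"^\s*File\d+\s*=\s*(.*?)\s*$", re.I | re.M)


def decode(raw: bytes) -> str:
    """Decode playlist bytes; honour a UTF-16 BOM, else assume UTF-8."""
    if raw[:2] in (b"\xff\xfe", b"\xfe\xff"):
        return raw.decode("utf-16", errors="replace")
    return raw.decode("utf-8", errors="replace")


def playlist_urls(raw: bytes) -> list[str]:
    """Extract URL entries from ASX or PLS content, in file order."""
    text = decode(raw)
    if re.search(r"<\s*asx\b", text, re.I):
        return [a or b or c for a, b, c in ASX_HREF.findall(text)]
    if re.search(r"^\s*\[playlist\]", text, re.I | re.M):
        return PLS_FILE.findall(text)
    return []


def oversized_entries(raw: bytes, limit: int = MAX_URL_LEN) -> list[tuple[int, int]]:
    """Return (entry index, URL length) for each URL longer than limit."""
    return [(i, len(u)) for i, u in enumerate(playlist_urls(raw)) if len(u) > limit]


# Constructed samples (not taken from any real file).
LONG_URL = "http://media.example/" + "segment/" * 600
BENIGN_ASX = b'<asx version="3.0"><entry><ref href="http://media.example/a.wmv"/></entry></asx>'
LONG_ASX = ('<ASX version="3.0"><entry><ref href="http://media.example/a.wmv"/>'
            '<REF HREF="' + LONG_URL + '"/></entry></ASX>').encode("utf-16")
LONG_PLS = ("[playlist]\r\nFile1=" + LONG_URL + "\r\nNumberOfEntries=1\r\n").encode()

if __name__ == "__main__":
    for name in ("BENIGN_ASX", "LONG_ASX", "LONG_PLS"):
        print(name, oversized_entries(globals()[name]))
```

A check like this fits a mail or download gateway in front of hosts still running 2.1.33.5071; upgrading to the release the post reports as fixed remains the actual remedy.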

Exploit Code:



Metasploit Module