Zoom Player is a commercial media player developed by Inmatrix. It is a slick player of online multimedia content for Windows PCs.
Zoom Player version 8.5 suffers from a buffer-overflow vulnerability. This bug can be triggered by feeding a specially crafted JPEG file to the vulnerable version of Zoom Player (v8.5). Successful exploits may allow an attacker to execute arbitrary code within the context of the user running the affected application.
Vendor Inmatrix Ltd. has already patched the issue and the affected version is also removed from their site, after I reported it to them.
[*] 16th Dec, 2012: Bug found. (https://twitter.com/debasishm89/status/280334928489635840)
[*] 16th Dec, 2012: Informed vendor.
[*] 17th Dec, 2012: Asked for PGP key.
[*] 17th Dec, 2012: Shared technical details.
[*] 31st Dec, 2012: Vendor patched the issue in version 8.5.1. http://forum.inmatrix.com/index.php?showtopic=13904
[*] 9th Jan, 2013: Public release of advisory. http://www.exploit-db.com/exploits/23996/
Proof of Concept:
Explain the code a bit more man!
All I understand is there is something in Char->Hex :P