Ots Labs OtsTurntables M3U Local Buffer Overflow Vulnerability
BID:25514
Info
Ots Labs OtsTurntables M3U Local Buffer Overflow Vulnerability
| Bugtraq ID: | 25514 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Sep 03 2007 12:00AM |
| Updated: | Sep 05 2007 05:31PM |
| Credit: | 0x58 discovered this vulnerability. |
| Vulnerable: |
Ots Labs OtsTurntables 1.00 |
| Not Vulnerable: | |
Discussion
Ots Labs OtsTurntables M3U Local Buffer Overflow Vulnerability
Ots Labs OtsTurntables is prone to a local buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input.
Attackers may be able to execute arbitrary machine code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.
OtsTurntables 1.00 is vulnerable; other versions may also be affected.
Ots Labs OtsTurntables is prone to a local buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input.
Attackers may be able to execute arbitrary machine code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.
OtsTurntables 1.00 is vulnerable; other versions may also be affected.
Exploit / POC
Ots Labs OtsTurntables M3U Local Buffer Overflow Vulnerability
To exploit this issue an attacker must entice an unsuspecting user to open a maliciously crafted M3U file with the affected application.
The following exploit code is available:
To exploit this issue an attacker must entice an unsuspecting user to open a maliciously crafted M3U file with the affected application.
The following exploit code is available:
Solution / Fix
Ots Labs OtsTurntables M3U Local Buffer Overflow Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Ots Labs OtsTurntables M3U Local Buffer Overflow Vulnerability
References:
References:
- Vendor Homepage (Ots Labs)