AtomixMP3 contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in AtomixMP3 when handling .M3U files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .M3U file. This module runs a malicious web server on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
Friday, October 10, 2008 - 00:00