Elecard MPEG Player contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in Elecard MPEG Player when handling .m3u files. This situation that leads to a buffer overflow and allows an attacker to overwrite an SEH Pointer. This can be exploited via a specially crafted .m3u file. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
Exploit Platform
Exploit Type
Product Name