Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2013-7409

Published: 30/10/2014 Updated: 31/12/2016
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 775
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Allplayer

Vulnerability Summary

Buffer overflow in ALLPlayer 5.6.2 up to and including 5.8.1 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a .m3u (playlist) file.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

allplayer allplayer

allplayer allplayer 5.7.0

allplayer allplayer 5.6.2

Exploits

Exploit DB: ALLPlayer - '.m3u' Local Buffer Overflow (Metasploit)
## # This module requires Metasploit: http//metasploitcom/download # Current source: githubcom/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::FILEFORMAT def initialize(info = {}) super(update_info(info, 'Name' => 'ALL ...
Exploit DB: ALLPlayer 5.6.2 - '.m3u' Local Buffer Overflow (PoC)
Title: ALLPlayer Local Buffer Overflow PoC UNICODE Vendor: wwwallplayerorg/download/allplayer Date found: 09102013 Date published: 09102013 Platform: windows 7 German Bug: Buffer Overflow UNICODE ---------------------------- 1)VERSIONS AFFECTED ---- ALLPlayer 562 2)Proof of Concept ------------------ junk = "" buffe ...
Exploit DB: ALLPlayer 5.8.1 - '.m3u' Local Buffer Overflow (SEH)
#-----------------------------------------------------------------------------# # Exploit Title: ALLPlayer 581 - (m3u) Buffer Overflow (SEH) # # Date: Mar 1 2014 # # Exploit Author: Gabor Seljan # # Software Link: wwwal ...
Exploit DB: ALLPlayer 5.7 - '.m3u' UNICODE Buffer Overflow (SEH)
#!/usr/bin/perl ############################################################################### # Exploit Title: ALLPlayer 57 (m3u) - SEH Buffer Overflow (Unicode) # Date: 11-23-2013 # Exploit Author: Mike Czumak (T_v3rn1x) -- @SecuritySift # Vulnerable Software: ALLPlayer 57 # Software Link: wwwallplayerorg/download/allplayer # Versi ...
Exploit DB: ALLPlayer 5.6.2 - '.m3u' File Local Buffer Overflow (SEH Unicode)
#!/usr/bin/perl ############################################################################### # Exploit Title: ALLPlayer 562 (m3u) - SEH Buffer Overflow (Unicode) # Date: 10-22-2013 # Exploit Author: Mike Czumak (T_v3rn1x) -- @SecuritySift # Vulnerable Software: ALLPlayer 562 # Software Link: wwwallplayerorg/download/allplayer # V ...

References

CWE-119http://www.exploit-db.com/exploits/29549http://osvdb.org/show/osvdb/98283http://packetstormsecurity.com/files/123986/ALLPlayer-5.6.2-SEH-Buffer-Overflow.htmlhttp://packetstormsecurity.com/files/124161/ALLPlayer-5.7-Buffer-Overflow.htmlhttp://www.exploit-db.com/exploits/29798http://packetstormsecurity.com/files/125519/ALLPlayer-5.8.1-Buffer-Overflow.htmlhttp://www.exploit-db.com/exploits/32074http://www.exploit-db.com/exploits/28855http://packetstormsecurity.com/files/123554/ALLPlayer-5.6.2-Buffer-Overflow.htmlhttp://www.exploit-db.com/exploits/32041http://www.securityfocus.com/bid/62926https://nvd.nist.govhttps://www.exploit-db.com/exploits/32074/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionfirmwareCVE-2006-4304CVE-2024-32878CVE-2024-31502XSSCVE-2024-3059CVE-2024-33692CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook