what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

OSVDB: OSVDB-58159

DJ Studio Pro 5.1 .pls Stack Buffer Overflow

Posted Mar 2, 2012

Authored by Sebastien Duquette | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow in DJ Studio Pro 5.1.6.5.2. When handling a .pls file, DJ Studio will copy the user-supplied data on the stack without any proper bounds checking done beforehand, therefore allowing code execution under the context of the user.

tags | exploit, overflow, code execution

advisories | CVE-2009-4656, OSVDB-58159

SHA-256 | 736d166b489b4e31605e79a4de3a5f53718ad11ade2ceb44edb651fb05d2a8dd

Download | Favorite | View

DJ Studio Pro 5.1.6.5.2 Buffer Overflow

Posted Feb 20, 2012

Authored by Sebastien Duquette, Death-Shadow-Dark | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow in DJ Studio Pro 5.1.6.5.2. An attacker must send the file to victim and the victim must open the file. Alternatively it may be possible to execute code remotely via an embedded PLS file within a browser, when the PLS extension is registered to DJ Studio Pro. This functionality has not been tested in this module.

tags | exploit, overflow

advisories | CVE-2009-4656, OSVDB-58159

SHA-256 | 43cc5ef9fa45f223d8bd4c7bba24952ad1c85fcba7429b138ece7c559127d41f

Download | Favorite | View