CVE-2009-1022
gomlab gom_encoder < 1.0.0.11 - Heap-Based Buffer Overflow via Long Text Field in Subtitle File
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2009-1022. PoCs published by Encrypt3d.M!nd.
AI-analyzed exploit summary This exploit generates a maliciously crafted SRT subtitle file with an excessively long string to trigger a buffer overflow in Gom Encoder. The PoC writes a large 'A' character sequence to a file, which when processed by the vulnerable software, can lead to arbitrary code execution.
Description
Heap-based buffer overflow in the Preview/ Set Segment function in Gretech GOMlab GOM Encoder 1.0.0.11 and earlier allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a long text field in a subtitle (.srt) file.
Exploits (1)
This exploit generates a maliciously crafted SRT subtitle file with an excessively long string to trigger a buffer overflow in Gom Encoder. The PoC writes a large 'A' character sequence to a file, which when processed by the vulnerable software, can lead to arbitrary code execution.