CVE-2009-1497

Gretech Online Movie Player (GOM Player) 2.1.16.4635 - Stack-based Buffer Overflow via SRT File

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-1497. PoCs published by Bui Quang Minh.

AI-analyzed exploit summary This exploit generates a maliciously crafted .srt subtitle file with an oversized buffer (10240 bytes repeated 4 times) to trigger a buffer overflow in GOM Player 2.1.16.6134. The PoC is designed to crash the application silently on Windows XP, Vista, and 7.

Description

Stack-based buffer overflow in srt2smi.exe in Gretech Online Movie Player (GOM Player) 2.1.16.4635 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long string in an SRT file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Bui Quang Minh · perldoswindows

https://www.exploit-db.com/exploits/8370

View Code ZIP pw:eip

This exploit generates a maliciously crafted .srt subtitle file with an oversized buffer (10240 bytes repeated 4 times) to trigger a buffer overflow in GOM Player 2.1.16.6134. The PoC is designed to crash the application silently on Windows XP, Vista, and 7.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: GOM Player 2.1.16.6134

No auth needed

Prerequisites: GOM Player 2.1.16.6134 installed · Ability to deliver the .srt file to the target

MITRE ATT&CK