CVE-2009-4863

UltraPlayer Media Player 2.112 - Stack-Based Buffer Overflow via .usk File

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-4863. PoCs published by SarBoT511.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in UltraPlayer Media Player 2.112 by creating a malicious skin file (Derailer.usk) with an overly long string of 'A' characters. The overflow occurs when the application processes the file, potentially allowing arbitrary code execution.

Description

Stack-based buffer overflow in UltraPlayer Media Player 2.112 allows remote attackers to execute arbitrary code via a long string in a .usk file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by SarBoT511 · perldoswindows

https://www.exploit-db.com/exploits/9368

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in UltraPlayer Media Player 2.112 by creating a malicious skin file (Derailer.usk) with an overly long string of 'A' characters. The overflow occurs when the application processes the file, potentially allowing arbitrary code execution.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: UltraPlayer Media Player 2.112

No auth needed

Prerequisites: Victim must open the malicious skin file in UltraPlayer Media Player

MITRE ATT&CK