
Nero ShowTime 5.0.15.0 m3u Playlist File Remote Buffer Overflow PoC

High
Advisory ID
ZSL-2008-4902
Release Date
24 November 2008
Vendor
Nero AG / Nero Inc. / Nero K.K. / Nero Ltd - http://www.nero.com
Affected Version
5.0.15.0
Tested On
Microsoft Windows XP Professional SP2 (English)
Summary

Nero ShowTime provides you with a high-performance software DVD player that takes you to a new dimension in DVDs. Its cinema-like sound and excellent image quality for all digital pictures make an adventure of every film! What is more, Nero ShowTime supports all DVD-Video formats and can play them from a disc and from the hard drive.

Description

Nero ShowTime is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Successfully exploiting this issue may allow remote attackers to execute arbitrary code in the context of the application. Failed exploit attempts will cause a denial-of-service condition.
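
The boundary check that the description says is missing, shown as an added example for a playlist reader; this is not Nero's code and not part of the original advisory. The advisory does not say which field or buffer is affected, so ENTRY_MAX and the function names copy_m3u_entry and scan_m3u are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define ENTRY_MAX 260 /* assumed fixed entry buffer (Windows MAX_PATH) */

enum { M3U_OK = 0, M3U_SKIP = 1, M3U_TOO_LONG = -1 };

/* Copy one playlist line (len bytes, not NUL-terminated) into out.
 * The length is checked before the copy; an unchecked strcpy()/sprintf()
 * into out is the kind of missing boundary check the advisory describes. */
int copy_m3u_entry(const char *line, size_t len, char out[ENTRY_MAX])
{
    while (len > 0 && (line[len - 1] == '\r' || line[len - 1] == '\n'))
        len--;                          /* strip the line terminator */
    if (len == 0 || line[0] == '#')
        return M3U_SKIP;                /* blank line or #EXTM3U/#EXTINF directive */
    if (len >= ENTRY_MAX)
        return M3U_TOO_LONG;            /* reject, never truncate or overflow */
    memcpy(out, line, len);
    out[len] = '\0';
    return M3U_OK;
}

/* Walk a whole playlist image; returns 0 only if every entry fits. */
int scan_m3u(const char *data, size_t size, size_t *accepted, size_t *rejected)
{
    char entry[ENTRY_MAX];
    size_t pos = 0;
    *accepted = *rejected = 0;
    while (pos < size) {
        const char *nl = memchr(data + pos, '\n', size - pos);
        size_t len = nl ? (size_t)(nl - (data + pos)) + 1 : size - pos;
        int rc = copy_m3u_entry(data + pos, len, entry);
        if (rc == M3U_OK) (*accepted)++;
        else if (rc == M3U_TOO_LONG) (*rejected)++;
        pos += len;
    }
    return *rejected ? -1 : 0;
}

int main(void)
{
    /* Constructed sample playlist: one directive, one ordinary entry. */
    const char pl[] = "#EXTM3U\r\nC:\\Music\\track01.mp3\r\n";
    size_t ok, bad;
    int rc = scan_m3u(pl, sizeof pl - 1, &ok, &bad);
    printf("rc=%d accepted=%zu rejected=%zu\n", rc, ok, bad);
    return 0;
}
```

The same scan can be run over untrusted .m3u files before they are handed to a player, treating a non-zero return as a reason to quarantine the file.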

Proof of Concept
Disclosure Timeline
N/A
Credits
Vulnerability discovered by Gjoko Krstic
References
Changelog
24.11.2008 - Initial release