Zortam ID3 Tag Editor 5.0 Remote Stack Overflow Vulnerability

Medium
Advisory ID
ZSL-2009-4919
Release Date
16 July 2009
Vendor
Zortam Corp. - http://www.zortam.com
Affected Version
5.0
CVE
N/A
Tested On
Microsoft Windows XP Professional SP3 (English)
Summary

Zortam ID3 Tag Editor is an all-in-one MP3 organizer application for editing ID3 tags (Mp3 ID3 Tag Editor) with support for ID3v1 and ID3v2 tags, managing M3u playlists (Playlist manager), renaming files (Mp3 Renamer) using ID3 tags, searching for duplicate Mp3 files, searching and cataloguing Mp3 files into an Mp3 library, listening to Mp3s using your favorite Mp3 player and much more. You can even add lyrics and pictures to ID3 tags (cover, artist picture, etc.) in your Mp3 files.

Description

Zortam ID3 Tag Editor is prone to a stack-based buffer-overflow vulnerability because the application fails to handle malformed mp3 files. An attacker can exploit this issue to execute arbitrary code within the context of the application or to trigger a denial-of-service condition.

Proof of Concept
Disclosure Timeline
N/A
Credits
Vulnerability discovered by Gjoko Krstic
References
Changelog
16.07.2009 - Initial release