
Gstreamer 0.10.x Logic Error

Posted by deepcore on December 16, 2016 – 8:23 am

A vulnerability and a separate logic error exist in the GStreamer 0.10.x player for NSF music files. Combined, they allow very reliable exploitation and the bypass of 64-bit ASLR, DEP, etc. The reliability comes from the presence of Turing-complete “scripting” inside a music player. Read the homepage link for the full analysis. A proof-of-concept exploit is included in this archive.

