Tools used:
iTerm2
Metasploit
VMware Fusion 4
OS X 10.7.2
Windows XP Service Pack 3
RealPlayer 14
Name: RealNetworks Realplayer QCP Parsing Heap Overflow
Module: exploit/windows/browser/realplayer_qcp
Version: 13745
Platform: Windows
Privileged: No
License: Metasploit Framework License (BSD)
Rank: Average
Provided by:
Sean de Regge
juan vazquez
Available targets:
Id Name
-- ----
0 Automatic
1 Internet Explorer 6 on XP SP3
2 Internet Explorer 7 on XP SP3
Payload information:
Space: 1024
Description:
This module exploits a heap overflow in Realplayer when handling a
.QCP file. The specific flaw exists within qcpfformat.dll. A static
256 byte buffer is allocated on the heap and user-supplied data from
the file is copied within a memory copy loop. This allows a remote
attacker to execute arbitrary code running in the context of the web
browser via a .QCP file with a specially crafted "fmt" chunk. At
this moment this module exploits the flaw on Windows XP IE6, IE7.
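
The description above comes down to a copy into a fixed 256-byte heap buffer with no length check. The following is an added example, not code from RealPlayer or from the Metasploit module: a hypothetical chunk reader, qcp_copy_fmt, that validates the "fmt " chunk size before copying. It assumes the RIFF/QLCM container layout from RFC 3625 and takes the 256-byte bound from the description; the actual copy loop in qcpfformat.dll is not shown on this page, and the sample files are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define FMT_BUF_SIZE 256 /* destination size quoted in the module description */

static uint32_t rd_le32(const uint8_t *p) { /* RIFF sizes are little-endian */
    return p[0] | (p[1] << 8) | (p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Hypothetical helper: copy the "fmt " chunk payload of a RIFF/QLCM file into
 * out[]. Returns bytes copied, or -1 if malformed or larger than the buffer. */
int qcp_copy_fmt(const uint8_t *file, size_t len, uint8_t out[FMT_BUF_SIZE]) {
    if (len < 12 || memcmp(file, "RIFF", 4) || memcmp(file + 8, "QLCM", 4))
        return -1;
    size_t off = 12;
    while (off <= len && len - off >= 8) {
        uint32_t size = rd_le32(file + off + 4);
        if (size > len - off - 8)        /* declared size runs past the file */
            return -1;
        if (memcmp(file + off, "fmt ", 4) == 0) {
            if (size > FMT_BUF_SIZE)     /* the bound an unchecked copy loop lacks */
                return -1;
            memcpy(out, file + off + 8, size);
            return (int)size;
        }
        off += 8 + (size_t)size + (size & 1); /* chunks are padded to even length */
    }
    return -1;
}

/* Constructed sample: header plus one zero-filled "fmt " chunk of fmt_size
 * bytes (fmt_size <= 1000). Returns qcp_copy_fmt's verdict on it. */
int check_sample(uint32_t fmt_size) {
    static uint8_t file[1024];
    uint8_t out[FMT_BUF_SIZE];
    memcpy(file, "RIFF\0\0\0\0QLCMfmt ", 16);
    for (int i = 0; i < 4; i++) file[16 + i] = (uint8_t)(fmt_size >> (8 * i));
    memset(file + 20, 0, fmt_size);
    return qcp_copy_fmt(file, 20 + fmt_size, out);
}

int main(void) {
    printf("150 -> %d, 256 -> %d, 257 -> %d\n",
           check_sample(150), check_sample(256), check_sample(257));
    return 0;
}
```

The RIFF size field in the header is not validated here; the example checks only the per-chunk sizes against the file length and the destination buffer.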