Native Instruments Traktor Pro 1.2.6 Stack-based Buffer Overflow Vulnerability
#!/usr/local/bin/perl
#
#
# Native Instruments Traktor Pro 1.2.6 Stack-based Buffer Overflow Vulnerability
#
#
# Vendor: Native Instruments GmbH
# Product web page: http://www.native-instruments.com
# Affected version: 1.2.6.8491 (Standalone)
#
# Summary: TRAKTOR PRO is the new benchmark in DJ software. Mix digital files
# on four decks, using the high-quality internal mixer or external hardware,
# and the best effects suite around. Fully primed for professional use, TRAKTOR
# PRO redefines the art of DJing.
#
# Desc: Traktor Pro suffers from a stack buffer overflow vulnerability when
# parsing playlist files (.nml) resulting in a crash. The user input is not
# properly sanitized which may give the attackers the possibility for an
# arbitrary code execution on the affected system. Failure of exploitation
# may result in a denial of service.
#
# Tested on: Microsoft Windows XP Professional SP3 (English)
#
#
# -------------------------------------------------------------------
#
# (4418.4608): Stack overflow - code c00000fd (first/second chance not available)
# eax=14250000 ebx=001cc168 ecx=00000007 edx=7c90e514 esi=001cc140 edi=001cc198
# eip=7c90e514 esp=0ff5e4e4 ebp=0ff5e4f4 iopl=0 nv up ei pl zr na pe nc
# cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246
# *** ERROR: Symbol file could not be found. Defaulted to export symbols for ntdll.dll -
# ntdll!KiFastSystemCallRet:
# 7c90e514 c3 ret
#
# -------------------------------------------------------------------
#
#
# Vulnerability discovered by: Gjoko 'LiquidWorm' Krstic
# liquidworm gmail com
#
# Zero Science Lab - http://www.zeroscience.mk
#
# Advisory ID: ZSL-2010-4977
# Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4977.php
#
# 09.11.2010
#