vendor:
GoldWave
by:
0neb1n
7.5
CVSS
HIGH
Local Crash
119
CWE
Product Name: GoldWave
Affected Version From: 6.1.2002
Affected Version To: 6.1.2002
Patch Exists: Yes
Related CWE: N/A
CPE: a:goldwave:goldwave
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Windows 8.1 Home KR
2015
GoldWave 6.1.2 (URL) Local Crash Exploit
GoldWave 6.1.2 is vulnerable to a local crash exploit. An attacker can create a file named 'poc.txt' and copy 'http://AAAAAAAA...' into it. When the user runs GoldWave 6.1.2 and opens the URL, the application will crash.
Mitigation:
Update to the latest version of GoldWave 6.1.2 or higher.