vendor:
EagleGet
by:
Interference Security
7.5
CVSS
HIGH
DoS
DoS (Denial of Service)
CWE
Product Name: EagleGet
Affected Version From: 1.1.8.1
Affected Version To: 1.1.8.1
Patch Exists: YES
Related CWE:
CPE: a:eagleget:eagleget:1.1.8.1
Platforms Tested: Windows XP SP3
2014
EagleGet 1.1.8.1 DoS Exploit
Crash PoC for EagleGet 1.1.8.1 tested on Windows XP SP3. Creating "Setting.dat" file. The exploit causes a Denial of Service (DoS) by creating a large string in the defualt_dl_path parameter.
Mitigation:
The vendor has released an updated version (1.1.8.2) which addresses this vulnerability. Users are advised to upgrade to the latest version.