Archive for March 23rd, 2012

Spotify (search func) Memory Exhaustion Exploit

The vulnerability is caused due to the Search box function not checking the boundary of user input. This can be exploited to cause a DoS due to memory exhaustion when inserting a long string of bytes (~80mil B / 80 MB) into the Search field in the GUI.

Advisory ID: ZSL-2012-5082
Advisory URL: