Spotify 0.8.2.610 (search func) Memory Exhaustion Exploit
Advisory ID: ZSL-2012-5082
Type: Local
Impact: DoS
Risk: (2/5)
Release Date: 23.03.2012
Summary
Think of Spotify as your new music collection. Your library. Only this time your collection is vast: millions of tracks and counting. Spotify comes in all shapes and sizes, available for your PC, Mac, home audio system and mobile phone. Wherever you go, your music follows you.
Description
The vulnerability is caused by the Search box function not checking the length of user input. This can be exploited to cause a DoS through memory exhaustion by inserting a long string of bytes (~80 million bytes / 80 MB) into the Search field in the GUI.
Vendor
Spotify Ltd - http://www.spotify.com
Affected Version
0.8.2.610.g090a06f8
Tested On
Microsoft Windows XP Professional SP3 (EN) (32bit)
Microsoft Windows 7 Ultimate SP1 (EN) (64bit)
Vendor Status
[19.03.2012] Vulnerability discovered.
[22.03.2012] Vendor has some knowledge about the issue.
[23.03.2012] Public security advisory released.
PoC
spotify_mem.txt
Credits
Vulnerability discovered by Claes Spett
References
[1] http://cxsecurity.com/issue/WLB-2012030208
[2] http://packetstormsecurity.org/files/111117
[3] http://www.securityfocus.com/bid/52690
[4] http://www.exploit-db.com/exploits/18654/
[5] http://xforce.iss.net/xforce/xfdb/74277
[6] http://www.1337day.com/exploits/17810
[7] http://www.osvdb.org/show/osvdb/80535
Changelog
[23.03.2012] - Initial release
[24.03.2012] - Added reference [4] and [5]
[26.03.2012] - Added reference [6]
[27.03.2012] - Added reference [7]
Contact
Zero Science Lab
Web: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk
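
The missing input bound from the Description, shown from the mitigation side: text from a search field is copied into a fixed buffer so that memory use never scales with what was pasted. This is an added example, not Spotify's code and not the advisory's PoC; the 256-byte cap `SEARCH_MAX_BYTES` and both function names are assumptions.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed cap for one search query; the advisory does not name a limit. */
#define SEARCH_MAX_BYTES 256

/* Number of leading bytes of input to keep: at most max_bytes, backed off
 * so that a multi-byte UTF-8 sequence is never cut in half. */
size_t bounded_prefix_len(const char *input, size_t input_len, size_t max_bytes)
{
    size_t n = input_len < max_bytes ? input_len : max_bytes;
    if (n == input_len)
        return n; /* nothing is cut */
    /* input[n] is the first dropped byte. While it is a continuation byte
     * (10xxxxxx), step back so the whole code point is dropped. */
    while (n > 0 && ((unsigned char)input[n] & 0xC0) == 0x80)
        n--;
    return n;
}

/* Copy text from the search field into a fixed buffer. Memory use is bounded
 * by out_cap, never by input_len. Returns bytes stored (without the NUL) and
 * sets *truncated to 1 when input was cut. */
size_t accept_search_input(const char *input, size_t input_len,
                           char *out, size_t out_cap, int *truncated)
{
    size_t n = 0;
    if (out_cap > 0) {
        n = bounded_prefix_len(input, input_len, out_cap - 1);
        memcpy(out, input, n);
        out[n] = '\0';
    }
    if (truncated)
        *truncated = n < input_len;
    return n;
}

int main(void)
{
    static char pasted[4096]; /* constructed oversized input */
    char query[SEARCH_MAX_BYTES + 1];
    int cut = 0;
    memset(pasted, 'A', sizeof pasted);
    size_t n = accept_search_input(pasted, sizeof pasted, query, sizeof query, &cut);
    printf("kept %zu of %zu bytes, truncated=%d\n", n, sizeof pasted, cut);
    return 0;
}
```

The `truncated` flag lets the UI tell the user the query was shortened instead of silently searching for a different string.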