← Advisories

Spotify 0.8.2.610 (search func) Memory Exhaustion Exploit

Low
Advisory ID
ZSL-2012-5082
Release Date
23 March 2012
Vendor
Spotify Ltd - http://www.spotify.com
Affected Version
0.8.2.610.g090a06f8
CVE
N/A
Tested On
Microsoft Windows XP Professional SP3 (EN) (32bit), Microsoft Windows 7 Ultimate SP1 (EN) (64bit)
Summary

Think of Spotify as your new music collection. Your library. Only this time your collection is vast: millions of tracks and counting. Spotify comes in all shapes and sizes, available for your PC, Mac, home audio system and mobile phone. Wherever you go, your music follows you.

Description

The vulnerability is caused due to the Search box function not checking the boundary of user input. This can be exploited to cause a DoS due to memory exhaustion when inserting a long string of bytes (~80mil B / 80 MB) into the Search field in the GUI.

Proof of Concept
spotify_mem.txtTXT
Disclosure Timeline
19.03.2012Vulnerability discovered.
22.03.2012Vendor has some knowledge about the issue.
23.03.2012Public security advisory released.
Credits
Vulnerability discovered by Claes Spett
References
[1]http://cxsecurity.com/issue/WLB-2012030208
[2]http://packetstormsecurity.org/files/111117
[3]http://www.securityfocus.com/bid/52690
[4]http://www.exploit-db.com/exploits/18654/
[5]http://xforce.iss.net/xforce/xfdb/74277
[6]http://www.1337day.com/exploits/17810
[7]http://www.osvdb.org/show/osvdb/80535
Changelog
23.03.2012Initial release
24.03.2012Added reference [4] and [5]
26.03.2012Added reference [6]
27.03.2012Added reference [7]