CVE-2012-5876

Nero MediaHome < 4.5.8.0 - Denial of Service via Long HTTP Request or Referer Header

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-5876. PoCs published by High-Tech Bridge SA.

AI-analyzed exploit summary The exploit demonstrates multiple DoS vulnerabilities in Nero MediaHome server by sending maliciously crafted HTTP requests with excessively long URIs or headers, causing stack or heap-based buffer overflows.

Description

Multiple off-by-one errors in NMMediaServerService.dll in Nero MediaHome 4.5.8.0 and earlier allow remote attackers to cause a denial of service (crash) via a long string in the (1) request line or (2) HTTP Referer header to TCP port 54444, which triggers a heap-based buffer overflow.

Exploits (1)

exploitdb WORKING POC

by High-Tech Bridge SA · textdoswindows

https://www.exploit-db.com/exploits/24022

View Code ZIP pw:eip

The exploit demonstrates multiple DoS vulnerabilities in Nero MediaHome server by sending maliciously crafted HTTP requests with excessively long URIs or headers, causing stack or heap-based buffer overflows.

Classification

Working Poc 100%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Nero MediaHome 4.5.8.0 and prior

No auth needed

Prerequisites: Network access to port 54444/TCP

MITRE ATT&CK