This exploit creates a malformed ChordPulse project file (`.cps`) with an oversized buffer (5000 'A' characters) to trigger a denial-of-service (DoS) condition when the file is loaded by ChordPulse versions prior to 1.4. The vulnerability likely stems from improper input validation or buffer handling in the file parsing logic.
Classification
Working Poc 95%
Target:
ChordPulse < 1.4
No auth needed
Prerequisites:
Ability to deliver the malformed `.cps` file to the target system · Target must open the file in ChordPulse