jetAudio Buffer Overflow Vulnerability in Video Converter Component Leading to Denial-of-Service

A buffer overflow vulnerability has been identified in jetAudio version 8.1.7, specifically within the video converter component. This vulnerability allows local attackers to crash the application by sending an oversized string in the File Naming field. By pasting a malicious buffer of 512 bytes into the File Naming parameter and clicking the Preview button, attackers can trigger the application to crash, causing a denial-of-service condition.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition, causing the application to crash.

Reproduction

To reproduce this vulnerability, first run a Python script that generates a text file containing a 512-byte buffer of 'A' characters. Copy the contents of this file to the clipboard. Then, open the jetAudio application and navigate to the Video Converter component. After adding a video file, paste the clipboard contents into the File Naming field. Finally, click the Preview button, which will cause the application to crash.