[prev in list] [next in list] [prev in thread] [next in thread]
List: bugtraq
Subject: [SecurInfos] PCSoft WinDEV .wdp Project File Handling Buffer Overflow
From: Jerome Athias <jerome.athias () free ! fr>
Date: 2007-06-28 6:48:06
Message-ID: 468359A6.4000908 () free ! fr
[Download RAW message or body]
[SecurInfos] PCSoft WinDEV .wdp Project File Handling Buffer Overflow
Release Date : 2007-06-28
Critical : Moderately critical. Level 3 of 5.
Impact : System access
Where : From remote
Solution Status : Unpatched
Software :
PCSoft WinDEV
(PCSoft WinDEV Express)
(PCSoft WinDEV Mobile)
(PCSoft WebDEV)
Description :
Jerome Athias has reported a vulnerability in PCSoft WinDEV, which can
be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a boundary error within the handling
of a ".wdp" project file that contains an overly long string in the
"used DLL" fields. This can be exploited to cause a stack-based buffer
overflow and allows arbitrary code execution when a malicious ".wdp"
file is opened.
It is also possible to perform an infinite loop (DoS), resulting in the
use of a large amount of CPU and memory ressources using a malformed
project file.
The vulnerability has been reported in version 11 (latest release:
01F110053p). Older versions and other products (WinDEV Express, Mobile
and WebDEV) could also be affected.
Solutions :
Do not open ".wdp" files from non-trusted sources.
Provided and discovered by :
Jerome Athias
http://www.JA-PSI.fr
Original Advisory :
https://www.securinfos.info/english/security-advisories-alerts/20070628_PCSoft.WinDEV.wdp.Project.File.Handling.Buffer.Overflow.php
PoC codes:
https://www.securinfos.info/english/security-tools-hacking/windev_crash.zip
["smime.p7s" (application/x-pkcs7-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic