Green Dam URL Processing Buffer Overflow

vendor:

Green Dam Youth Escort

by:

Trancer

N/A

CVSS

N/A

Buffer Overflow

119

CWE

Product Name: Green Dam Youth Escort

Affected Version From: 3.17

Affected Version To: 3.17

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Internet Explorer 6, Windows XP SP2, Internet Explorer 7, Windows XP SP3, Internet Explorer 7, Windows Vista SP1

2009

Green Dam URL Processing Buffer Overflow

This module exploits a stack-based buffer overflow in Green Dam Youth Escort version 3.17 in the way it handles overly long URLs. By setting an overly long URL, an attacker can overrun a buffer and execute arbitrary code. This module uses the .NET DLL memory technique by Alexander Sotirov and Mark Dowd and should bypass DEP, NX and ASLR.

Mitigation:

N/A

Source

Green Dam URL Processing Buffer Overflow

Mitigation:

Exploit-DB raw data: