header-logo
Suggest Exploit
vendor:
abcm2ps
by:
Not specified
7.5
CVSS
HIGH
Remote buffer overflow
119
CWE
Product Name: abcm2ps
Affected Version From: 3.7.20
Affected Version To: Not specified
Patch Exists: NO
Related CWE: Not specified
CPE: a:abcm2ps:abcm2ps:3.7.20
Metasploit:
Other Scripts:
Platforms Tested: Not specified
Not specified

abcm2ps Remote Buffer Overflow Vulnerability

abcm2ps is prone to a remote buffer overflow vulnerability due to a lack of proper boundary checks. An attacker can exploit this issue by crafting a malicious ABC file containing excessive string data, replacement memory addresses, and executable instructions. If a user processes this file through the application, the attacker's instructions may be executed, potentially compromising the application.

Mitigation:

It is recommended to update to a patched version of abcm2ps when available. Avoid processing untrusted ABC files.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/12022/info

abcm2ps is reported prone to a remote buffer overflow vulnerability. This issue arises because the application fails to carry out proper boundary checks before copying user-supplied data into sensitive process buffers. It is reported that this issue can allow an attacker to gain unauthorized access to a computer in the context of the application.

An attacker can exploit this issue by crafting a malicious ABC file that contains excessive string data, replacement memory addresses, and executable instructions to trigger this issue.

If a user obtains this file and processes it through the application, the attacker-supplied instructions may be executed on the vulnerable computer. It is reported that successful exploitation may result in a compromise in the context of the application.

abcm2ps version 3.7.20 is reported prone to this vulnerability. It is likely that other versions are affected as well.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/25022.zip

Navigation

Suggest Exploit

Services By CQR