Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-pagenavi domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6114
abcm2ps Remote Buffer Overflow Vulnerability - exploit.company
header-logo
Suggest Exploit
vendor:
abcm2ps
by:
Not specified
7.5
CVSS
HIGH
Remote buffer overflow
119
CWE
Product Name: abcm2ps
Affected Version From: 3.7.20
Affected Version To: Not specified
Patch Exists: NO
Related CWE: Not specified
CPE: a:abcm2ps:abcm2ps:3.7.20
Metasploit:
Other Scripts:
Platforms Tested: Not specified
Not specified

abcm2ps Remote Buffer Overflow Vulnerability

abcm2ps is prone to a remote buffer overflow vulnerability due to a lack of proper boundary checks. An attacker can exploit this issue by crafting a malicious ABC file containing excessive string data, replacement memory addresses, and executable instructions. If a user processes this file through the application, the attacker's instructions may be executed, potentially compromising the application.

Mitigation:

It is recommended to update to a patched version of abcm2ps when available. Avoid processing untrusted ABC files.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/12022/info

abcm2ps is reported prone to a remote buffer overflow vulnerability. This issue arises because the application fails to carry out proper boundary checks before copying user-supplied data into sensitive process buffers. It is reported that this issue can allow an attacker to gain unauthorized access to a computer in the context of the application.

An attacker can exploit this issue by crafting a malicious ABC file that contains excessive string data, replacement memory addresses, and executable instructions to trigger this issue.

If a user obtains this file and processes it through the application, the attacker-supplied instructions may be executed on the vulnerable computer. It is reported that successful exploitation may result in a compromise in the context of the application.

abcm2ps version 3.7.20 is reported prone to this vulnerability. It is likely that other versions are affected as well.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/25022.zip

Navigation

Suggest Exploit

Services By CQR