vendor:
AutoPlay
by:
badc0re (Dame Jovanoski)
7.5
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: AutoPlay
Affected Version From: 1.33
Affected Version To: 1.33
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested: Microsoft Windows 7 Ultimate
2011
AutoPlay v1.33 (autoplay.ini) Local Buffer Overflow Exploit (SEH)
The program suffers from a buffer overflow vulnerability when opening autorun file (.ini), as a result of adding extra bytes to parts of the edited file, giving the attackers the possibility for arbitrary code execution on the affected system. Also, the buffer overflow vulnerability allows the attacker to bypass Structured Exception Handling (SEH) protection mechanism.
Mitigation:
Update to a patched version of the software.