Vendor: Program Checker Pro
By: callAX
CVSS: 7.5 (HIGH)
CWE: Stack-based buffer overflow
Product Name: Program Checker Pro
Affected Version From: 1.5.0.531
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested: Windows XP SP1/SP2 English/French with IE 6.0/7.0, Windows Vista Professional English/French SP1 with IE 7.0
2007
sasatl.dll 1.5.0.531 Program Checker-Method DebugMsgLog Heap Spraying Exploit
The DebugMsgLog method in sasatl.dll is prone to a stack-based buffer-overflow vulnerability because it fails to properly check boundaries. An attacker could execute arbitrary code on the remote machine.
Mitigation:
- Activate the Kill bit zero in clsid:59DBDDA6-9A80-42A4-B824-9BC50CC172F51.
- Unregister sasatl.dll using regsvr32.
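
One way to carry out both mitigation steps from an elevated PowerShell prompt, as an added example that is not part of the original advisory. The CLSID and the path to sasatl.dll are parameters supplied by the operator (the install path is not given here), and the script assumes the standard Internet Explorer kill-bit location: the `Compatibility Flags` DWORD with bit 0x400 set under `ActiveX Compatibility`.

```powershell
# Added example: set the IE kill bit for an ActiveX control and unregister its DLL.
# Run elevated. -Clsid and -DllPath are operator-supplied; nothing is hard-coded.
param(
    [Parameter(Mandatory = $true)] [string] $Clsid,
    [Parameter(Mandatory = $true)] [string] $DllPath
)

# Reject anything that is not a well-formed GUID: a kill bit written under a
# mistyped CLSID has no effect and gives a false sense of protection.
$guidPattern = '^\{?[0-9A-Fa-f]{8}(-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}?$'
if ($Clsid -notmatch $guidPattern) {
    throw "'$Clsid' is not a well-formed CLSID"
}
$keyName = '{' + $Clsid.Trim('{', '}').ToUpper() + '}'

# Kill bit = 0x400 in "Compatibility Flags". Write it to the native view and,
# where present, the 32-bit view so 32-bit Internet Explorer on x64 is covered.
$killBit = 0x400
$valueName = 'Compatibility Flags'
$roots = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)
foreach ($root in $roots) {
    if (-not (Test-Path (Split-Path $root -Parent))) { continue }  # view absent
    $path = Join-Path $root $keyName
    if (-not (Test-Path $path)) { New-Item -Path $path -Force | Out-Null }

    # Preserve any flags already set and OR the kill bit in.
    $current = (Get-ItemProperty -Path $path -Name $valueName `
                -ErrorAction SilentlyContinue).$valueName
    $flags = ([int]$current) -bor $killBit
    Set-ItemProperty -Path $path -Name $valueName -Value $flags -Type DWord

    # Read back and confirm the bit is actually set.
    $check = (Get-ItemProperty -Path $path -Name $valueName).$valueName
    if (($check -band $killBit) -eq 0) { throw "Kill bit not set under $path" }
    Write-Output ("Kill bit set: {0} (flags=0x{1:X})" -f $path, $check)
}

# Second mitigation: unregister the control so it can no longer be instantiated.
if (Test-Path $DllPath) {
    $proc = Start-Process regsvr32.exe -ArgumentList '/u', '/s', "`"$DllPath`"" `
            -Wait -PassThru
    if ($proc.ExitCode -ne 0) {
        Write-Warning "regsvr32 /u failed with exit code $($proc.ExitCode)"
    }
} else {
    Write-Warning "DLL not found at $DllPath; nothing to unregister"
}
```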