Netsprint Toolbar 1.1 arbitrary remote code vulnerability Apr 17 2007 11:01AM
Michal Bucko (michal bucko hack pl) (1 replies)
Synopsis: Netsprint Toolbar 1.1 arbitrary remote code vulnerability
Product: Netsprint Toolbar
Version: 1.1

Author: Michal Bucko (sapheal)

Issue:
======

Function of a prototype isChecked (char*) (in toolbar.dll) is vulnerable to
buffer
overrun. Arbitrary code execution might be possible.The problem occurs when

767B49 MOV ECX,[EAX+140]

data is being copied into the buffer of an insufficient size.

Impact:
=======

Remote arbitrary code execution.

Credits:
========

Michal Bucko (sapheal)

Disclaimer:
===========

This document and all the information it contains are provided "as is",
for educational purposes only, without warranty of any kind, whether
express or implied.

The authors reserve the right not to be responsible for the topicality,
correctness, completeness or quality of the information provided in
this document. Liability claims regarding damage caused by the use of
any information provided, including any kind of information which is
incomplete or incorrect, will therefore be rejected.

[ reply ]
Re: Netsprint Toolbar 1.1 arbitrary remote code vulnerability Apr 17 2007 03:32PM
Michal Zalewski (lcamtuf dione ids pl)


 

Privacy Statement
Copyright 2010, SecurityFocus