[SecurInfos] PCSoft WinDEV .wdp Project File Handling Buffer Overflow

From: Jerome Athias <jerome.athias(at)free.fr>
Date: Thu Jun 28 2007 - 02:48:06 EDT


[SecurInfos] PCSoft WinDEV .wdp Project File Handling Buffer Overflow

Release Date : 2007-06-28

Critical : Moderately critical. Level 3 of 5.
Impact : System access
Where : From remote

Solution Status : Unpatched

Software :
PCSoft WinDEV
(PCSoft WinDEV Express)
(PCSoft WinDEV Mobile)
(PCSoft WebDEV)

Description :
Jerome Athias has reported a vulnerability in PCSoft WinDEV, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused by a boundary error in the handling of a ".wdp" project file that contains an overly long string in the "used DLL" fields. This can be exploited to cause a stack-based buffer overflow and allows arbitrary code execution when a malicious ".wdp" file is opened.
It is also possible to trigger an infinite loop (DoS) using a malformed project file, resulting in the use of a large amount of CPU and memory resources.

The vulnerability has been reported in version 11 (latest release: 01F110053p). Older versions and other products (WinDEV Express, Mobile and WebDEV) could also be affected.

Solutions :
Do not open ".wdp" files from non-trusted sources.

Provided and discovered by :
Jerome Athias
http://www.JA-PSI.fr

Original Advisory :
https://www.securinfos.info/english/security-advisories-alerts/20070628_PCSoft.WinDEV.wdp.Project.File.Handling.Buffer.Overflow.php

PoC codes:
https://www.securinfos.info/english/security-tools-hacking/windev_crash.zip
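
The two failure modes in the description (an overly long "used DLL" string overflowing a fixed buffer, and a malformed file that keeps the parser looping) are what a bounds-checked record reader rules out. The C code below is an added example, not PCSoft's code and not the real ".wdp" layout: the record format, the limits and every name in it (`read_used_dlls`, `DLL_NAME_MAX`, `DLL_MAX_ENTRIES`, the sample buffers) are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DLL_NAME_MAX 259    /* assumed limit for this example (MAX_PATH - 1) */
#define DLL_MAX_ENTRIES 64  /* assumed cap on entries per file */
enum { DLL_ERR_TOO_LONG = -1, DLL_ERR_TRUNCATED = -2, DLL_ERR_TOO_MANY = -3 };

/* Hypothetical layout, NOT the real .wdp format: a sequence of records,
 * each a 2-byte little-endian length followed by that many name bytes. */
int read_used_dlls(const uint8_t *buf, size_t len,
                   char names[][DLL_NAME_MAX + 1], size_t max_names)
{
    size_t pos = 0;
    int count = 0;

    while (pos < len) {
        if (len - pos < 2)
            return DLL_ERR_TRUNCATED;        /* no room for a length field */
        size_t n = (size_t)buf[pos] | ((size_t)buf[pos + 1] << 8);
        pos += 2;                            /* every pass consumes input */
        if (n > DLL_NAME_MAX)
            return DLL_ERR_TOO_LONG;         /* reject before any copy */
        if (n > len - pos)
            return DLL_ERR_TRUNCATED;        /* length points past the data */
        if ((size_t)count >= max_names || count >= DLL_MAX_ENTRIES)
            return DLL_ERR_TOO_MANY;         /* bound work and output storage */
        memcpy(names[count], buf + pos, n);  /* n <= DLL_NAME_MAX, checked above */
        names[count][n] = '\0';
        pos += n;
        count++;
    }
    return count;                            /* number of names stored */
}

/* Constructed sample inputs (not taken from any real project file). */
static const uint8_t sample_ok[] = { 5,0,'a','.','d','l','l', 5,0,'b','.','d','l','l' };
static const uint8_t sample_long[] = { 0x00, 0x04, 'A', 'A' };  /* claims 1024 bytes */
static const uint8_t sample_cut[] = { 5, 0, 'a', '.' };         /* claims 5, has 2 */
static char sample_names[4][DLL_NAME_MAX + 1];

int main(void)
{
    printf("ok:   %d\n", read_used_dlls(sample_ok, sizeof sample_ok, sample_names, 4));
    printf("long: %d\n", read_used_dlls(sample_long, sizeof sample_long, sample_names, 4));
    printf("cut:  %d\n", read_used_dlls(sample_cut, sizeof sample_cut, sample_names, 4));
    return 0;
}
```

The oversize record is refused outright instead of being truncated, so a caller never continues with a name that differs from what the file declared.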

Received on Thu Jun 28 12:01:36 2007

This archive was generated by hypermail 2.1.8 : Thu Jun 28 2007 - 12:10:02 EDT

