WinAsm *.WAP File Buffer Overflow Vulnerability

by sharpe on May.28, 2010, under Security, Vulnerabilities

Summary

A vulnerability has been discovered in WinAsm Studio, which can be exploited by malicious, anonymous individuals to compromise a vulnerable system.

The vulnerability is caused as a result of improper bounds checking when reading *.WAP files. This can be exploited to cause a stack-based buffer overflow by tricking a user into opening a maliciously constructed WinAsm project.

Successful exploitation of this vulnerability enables execution of arbitrary code.

Affected Versions

This vulnerability is confirmed in the following versions:

WinAsm Studio 5.1.8.0

Other versions may also be affected.

Screen Dumps

The following screen dump illustrates this issue:

Resolution

There is currently no fix for this issue.

Time-line

Vulnerability identified: 20.05.10
Vendor informed: 27.05.10
Vendor fix: Currently unavailable

References

:Security, Vulnerabilities, WinAsm

RSS feed for this post (comments) TrackBack URI

Hi! Welcome to blog.sat0ri.com!
Thanks for dropping by! Feel free to join the discussion by leaving comments, and stay updated by subscribing to the RSS feed. See ya around!
Polls
Sorry, there are no polls available at the moment.
Recent Posts
Categories
- Challenges (6)
- Malware (6)
- Molecular Biology (2)
- Reverse Code Engineering (10)
- Security (17)
- Utilities (9)
- Vulnerabilities (7)
Tags
Challenges Crimson Editor CVE-2010-2862 Malware Molecular Biology Reversing Security Spy Eye Staphylococcus Aureus USA300 Utilities Vulnerabilities Win32/Silon WinAsm ZBot

Categories

Meta
- Log in
- Valid XHTML

blog.sat0ri.com