Tag: WinAsm
WinAsm *.WAP File Buffer Overflow Vulnerability
by sharpe on May.28, 2010, under Security, Vulnerabilities
Summary
A vulnerability has been discovered in WinAsm Studio, which can be exploited by malicious, anonymous individuals to compromise a vulnerable system.
The vulnerability is caused as a result of improper bounds checking when reading *.WAP files. This can be exploited to cause a stack-based buffer overflow by tricking a user into opening a maliciously constructed WinAsm project.
Successful exploitation of this vulnerability enables execution of arbitrary code.
Affected Versions
This vulnerability is confirmed in the following versions:
- WinAsm Studio 5.1.8.0
Other versions may also be affected.
Screen Dumps
The following screen dump illustrates this issue:
Resolution
There is currently no fix for this issue.
Time-line
- Vulnerability identified: 20.05.10
- Vendor informed: 27.05.10
- Vendor fix: Currently unavailable
References
WinAsm *.RC File Buffer Overflow Vulnerability
by sharpe on Apr.12, 2010, under Security, Vulnerabilities
Summary
A vulnerability has been discovered in WinAsm Studio, which can be exploited by malicious, anonymous individuals to compromise a vulnerable system.
The vulnerability is caused as a result of improper bounds checking when reading *.RC files. This can be exploited to cause a stack-based buffer overflow by tricking a user into opening a maliciously constructed WinAsm project.
Successful exploitation of this vulnerability enables execution of arbitrary code.
Affected Versions
This vulnerability is confirmed in the following versions:
- WinAsm Studio 5.1.8.0
Other versions may also be affected.
Screen Dumps
The following screen dump illustrates this issue:
Resolution
There is currently no fix for this issue.
Time-line
- Vulnerability identified: 01.04.10
- Vendor informed: 06.04.10
- Vendor fix: Currently unavailable
References
