lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <4A51CE46.8040104@bkav.com.vn>
Date: Mon, 06 Jul 2009 17:13:26 +0700
From: Bkis <svrt@...v.com.vn>
To: bugtraq@...urityfocus.com, full-disclosure@...ts.grok.org.uk
Subject: [Bkis-10-2009] Photo DVD Maker Professional Buffer Overflow Vulnerability

Title : Photo DVD Maker Professional Buffer Overflow Vulnerability

1. General Information

Photo DVD Maker Professional is a tool allows you to create entertaining 
photo slideshows with many file formats supported. Bkis has just 
detected a vulnerability in the software related to the processing of 
Photo DVD Maker Professional project files (“.pdm”). This vulnerability 
permits hackers to execute malicious code on users’ systems.

Details : http://blog.bkis.com/?p=713
Bkis Advisory : Bkis-10-2009
Initial vendor notification : 12/06/2009
Release Date : 06/07/2009
Update Date : 06/07/2009
Discovered by : Le Duc Anh - Bkis
Attack Type : Buffer Overflow
Security Rating : High
Impact : Code Execution
Affected Software : Photo DVD Maker Professional version <= 8.02 (Prior 
versions may also be affected).
PoC : http://blog.bkis.com/wp-content/uploads/2009/07/photodvdmaker_poc.pdm

2. Technical Description

PDM files are used to store essential information about a Photo DVD 
Maker Professional Project (in XML format). The software performs 
inadequate check for the length of a File_Name tag. This results in a 
critical buffer overflow error when set with an overly long value.

In order to exploit, a hacker might create a specially crafted “.pdm” 
file and trick users into using it. If successful, hackers can perform 
local attack, inject viruses, steal sensitive information and even take 
control of the victim’s system.

3. Solution

Rating this vulnerability high severity and due to the fact that the 
vendor hasn’t released any patch against this vulnerability, Bkis 
recommends that users should not open any untrusted PDM file.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ