AstonSoft DeepBurner DBR Compilation Buffer Overflow Vulnerability
BID:21657
Info
| Bugtraq ID: | 21657 |
| Class: | Boundary Condition Error |
| CVE: | CVE-2006-6665 |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 19 2006 12:00AM |
| Updated: | Jul 06 2016 01:33PM |
| Credit: | Expanders discovered this vulnerability. |
| Vulnerable: | AstonSoft DeepBurner 1.8; AstonSoft DeepBurner 1.9.0.228 |
| Not Vulnerable: | |
Discussion
AstonSoft DeepBurner is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before using it in a memory copy operation.
Exploiting this issue allows remote attackers to overwrite a sensitive memory buffer with arbitrary data, potentially allowing them to execute malicious machine code in the context of the affected application. This vulnerability may facilitate the compromise of affected computers.
AstonSoft DeepBurner 1.8.0 and 1.9.0.228 are affected; previous versions may be vulnerable as well.
Exploit / POC
The following exploits and proof of concept are available:
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
References:
- DeepBurner Homepage (AstonSoft)
- DeepBurner <= 1.8.0 dbr parsing remote buffer overflow (Expanders)