CoCSoft Stream Down Response Processing Buffer Overflow Vulnerability

Bugtraq ID:	51190
Class:	Boundary Condition Error
CVE:	CVE-2011-5052
Remote:	Yes
Local:	No
Published:	Dec 28 2011 12:00AM
Updated:	Jan 10 2012 10:00PM
Credit:	Fady Mohammed Osman
Vulnerable:	CocSoft CoCSoft Stream Down 6.8.0.0 CocSoft CoCSoft Stream Down 0
Not Vulnerable:

CoCSoft Stream Down Response Processing Buffer Overflow Vulnerability

CoCSoft Stream Down is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.

An attacker can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

CoCSoft Stream Down 6.8.0.0 is vulnerable; other versions may also be affected.

CoCSoft Stream Down Response Processing Buffer Overflow Vulnerability

An attacker can exploit this issue by enticing an unsuspecting victim to open a malicious file.

The following exploit is available:

• /data/vulnerabilities/exploits/51190.rb

CoCSoft Stream Down Response Processing Buffer Overflow Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

CoCSoft Stream Down Response Processing Buffer Overflow Vulnerability

References:

• CoCSoft Stream Down Homepage (CocSoft)