BeyondCHM '.chm' File Remote Stack Buffer Overflow Vulnerability

Bugtraq ID:	53213
Class:	Boundary Condition Error
CVE:
Remote:	Yes
Local:	No
Published:	Apr 24 2012 12:00AM
Updated:	Apr 24 2012 12:00AM
Credit:	Carlo Di Dato
Vulnerable:	BeyondCHM BeyondCHM 1.1
Not Vulnerable:

BeyondCHM '.chm' File Remote Stack Buffer Overflow Vulnerability

BeyondCHM is prone to a remote stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input.

Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

BeyondCHM 1.1 is vulnerable; other versions may also be affected.

BeyondCHM '.chm' File Remote Stack Buffer Overflow Vulnerability

The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.

BeyondCHM '.chm' File Remote Stack Buffer Overflow Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

BeyondCHM '.chm' File Remote Stack Buffer Overflow Vulnerability

References:

• BeyondCHM 1.1 Buffer Overflow (BeyondCHM)
  
• BeyondCHM Homepage (BeyondCHM)