Synopsis: Netsprint Toolbar 1.1 arbitrary remote code vulnerability Product: Netsprint Toolbar Version: 1.1 Author: Michal Bucko (sapheal) Issue: ====== Function of a prototype isChecked (char*) (in toolbar.dll) is vulnerable to buffer overrun. Arbitrary code execution might be possible.The problem occurs when 767B49 MOV ECX,[EAX+140] data is being copied into the buffer of an insufficient size. Impact: ======= Remote arbitrary code execution. Credits: ======== Michal Bucko (sapheal) Disclaimer: =========== This document and all the information it contains are provided "as is", for educational purposes only, without warranty of any kind, whether express or implied. The authors reserve the right not to be responsible for the topicality, correctness, completeness or quality of the information provided in this document. Liability claims regarding damage caused by the use of any information provided, including any kind of information which is incomplete or incorrect, will therefore be rejected.
