[SecurInfos] PCSoft WinDEV .wdp Project File Handling Buffer Overflow Release Date : 2007-06-28 Critical : Moderately critical. Level 3 of 5. Impact : System access Where : From remote Solution Status : Unpatched Software : PCSoft WinDEV (PCSoft WinDEV Express) (PCSoft WinDEV Mobile) (PCSoft WebDEV) Description :Jerome Athias has reported a vulnerability in PCSoft WinDEV, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a boundary error within the handling of a ".wdp" project file that contains an overly long string in the "used DLL" fields. This can be exploited to cause a stack-based buffer overflow and allows arbitrary code execution when a malicious ".wdp" file is opened. It is also possible to perform an infinite loop (DoS), resulting in the use of a large amount of CPU and memory ressources using a malformed project file.
The vulnerability has been reported in version 11 (latest release: 01F110053p). Older versions and other products (WinDEV Express, Mobile and WebDEV) could also be affected.
Solutions : Do not open ".wdp" files from non-trusted sources. Provided and discovered by : Jerome Athias http://www.JA-PSI.fr Original Advisory : https://www.securinfos.info/english/security-advisories-alerts/20070628_PCSoft.WinDEV.wdp.Project.File.Handling.Buffer.Overflow.php PoC codes: https://www.securinfos.info/english/security-tools-hacking/windev_crash.zip
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature