Reported
September 18, 2003, by Bahaa Naamneh.
VERSIONS
AFFECTED
WideChapter Internet
Browser for Windows
DESCRIPTION
DEMONSTRATION
The
discoverer posted the following code as proof of concept:
By embedding the
following JavaScript into a web page: < script>window.open(http://AAA..
\[Ax517\])</script>, it is possible to cause the EIP to overwrite once a user
visits the web page.
VENDOR
RESPONSE
CREDIT
A vulnerability in WideChapter Internet Browser for Windows can result in the execution of arbitrary code on the vulnerable system. By initiating a long HTTP request, an attacker can cause a buffer overflow in WideChapter. This overflow permits modification of the Execution Instruction Point, which lets the attacker execute arbitrary code.
An exploit for Windows XP Home has created and is available for download from:
http://www.elitehaven.net/wcexploit.zipWideChapter has been notified.
Discovered by
Bahaa Naamneh.
Buffer Overflow Vulnerability in WideChapter Internet Browser for Windows
0 comments
Hide comments