GetRight Skin File (*.grs) Buffer Overflow May Let Remote Users Run Arbitrary
Code
Application: GetRight
Headlight Software
www.getright.com
Author:
ATmaCA <atmaca@prohack.net>
a remote user can create a malicious skin file (*.grs) that, when loaded by the
target user, will trigger a buffer overflow in DUNZIP32.DLL (4.0.0.3) and
potentially execute arbitrary code.
AFFECTED VERSION:
Versions verified to be vulnerable:
GetRight 5.2a and prior versions are affected.
Solutions:
There was no response.
Exploit:
http://www.milw0rm.xmc.pl/sploits/c_skin.grs
When you copy or click this link, getright automaticly download and try to load
crafted skin and will trigger buffer overflow
# milw0rm.xmc.pl [8x16*32^n]
Polish:
Webdeveloper |
Probably the best hosting company Interserver
SEO Shop:
Multi-quality SEO links |
Best Proxy Service.
Group: xmc.pl