[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] PowerDVD <= 4.0 local exploit

To: Full Disclosure <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] PowerDVD <= 4.0 local exploit
From: Bernhard Mueller <research@xxxxxxxxxxxxxxx>
Date: Fri, 05 Aug 2005 20:22:24 +0200

edward GAGNON wrote:

> int main(int argc, char *argv[])
> {
> 
> char cmd[500];
> 
> [...]
>
> path = argv[1];
> 
> sprintf(cmd, "%s ", path);

classical stack overflow ;)

-- 
_____________________________________________________

~  DI (FH) Bernhard Mueller
~  IT Security Consultant

~  SEC-Consult Unternehmensberatung GmbH
~  www.sec-consult.com

~  A-1080 Wien  Blindengasse 3
~  Tel:   +43/676/840301718
~  Fax:   +43/(0)1/4090307-590
______________________________________________________
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] PowerDVD <= 4.0 local exploit
  - From: edward GAGNON

Prev by Date: [Full-disclosure] PowerDVD <= 4.0 local exploit
Next by Date: [Full-disclosure] Defeating Citi-Bank Virtual Keyboard Protection
Previous by thread: [Full-disclosure] PowerDVD <= 4.0 local exploit
Next by thread: [Full-disclosure] Defeating Citi-Bank Virtual Keyboard Protection
Index(es):
- Date
- Thread