in

myITforum.com

Andrew Berges at myITforum.com

Antivirus, Malware, SMS 2003, and assorted musings from a self-confessed IT geek.

DeepBurner DBR File Parsing Buffer Overflow Vulnerability

I know many people are using this application on USB drives as a portable app; now would be a good time to upgrade.

http://secunia.com/advisories/23367/ 

Description:
Expanders has discovered a vulnerability in DeepBurner, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error when parsing DBR files with an overly long string (greater than 256 bytes) in the "path" parameter of the "file" tag. This can be exploited to cause a stack-based buffer overflow via a specially crafted DBR file.

Successful exploitation allows execution of arbitrary code.

The vulnerability is confirmed in DeepBurner Pro version 1.8.0.225. Other versions may also be affected.

Published Dec 19 2006, 01:23 PM by aberges
Filed under: , ,

Comments

No Comments
Copyright - www.myITforum.com, Inc. - 2007 All Rights reserved.
Powered by Community Server (Commercial Edition), by Telligent Systems