Easy MPEG to DVD Burner Buffer Overflow Vulnerability Allowing Arbitrary Code Execution

Vulnerability

A local buffer overflow vulnerability has been identified in Easy MPEG to DVD Burner version 1.7.11. This vulnerability arises from improper handling of user input, specifically in the username field, allowing local attackers to execute arbitrary code. By crafting a payload that includes junk data, pointers to the Structured Exception Handling (SEH) chain, and shellcode, attackers can overwrite the SEH handler. This manipulation redirects the program's execution flow, enabling the execution of arbitrary commands, such as launching the calculator application.

Impact

Exploitation of this vulnerability could lead to arbitrary code execution on the affected system.

Reproduction

To reproduce this vulnerability, open Easy MPEG to DVD Burner version 1.7.11 and navigate to the registration section. In the username field, paste a payload generated by an exploit script. This payload should include approximately 1008 bytes of junk data, followed by a pointer to the SEH chain, and shellcode designed to execute a command, such as opening calc.exe.
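The class of flaw described above, an unchecked copy of the username field into a fixed-size buffer, is shown here next to a length-checked form. This is an added illustration, not code from Easy MPEG to DVD Burner: the struct, the function names, the 64-byte buffer size and the guard field (a stand-in for adjacent control data such as an SEH record) are all assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Assumed size: the page does not state the real buffer length. */
#define NAME_MAX_LEN 64

/* Hypothetical registration record; 'guard' stands in for whatever
   control data (such as an SEH record) sits after the buffer. */
struct reg_form {
    char name[NAME_MAX_LEN];
    unsigned long guard;
};

/* Vulnerable pattern, shown for contrast and never called here:
   strcpy copies until the NUL terminator, whatever the destination size. */
void set_name_unsafe(struct reg_form *f, const char *input) {
    strcpy(f->name, input);
}

/* Hardened form: find the terminator within the bound, reject input
   that does not fit, then copy. Returns 0 on success, -1 on reject. */
int set_name_checked(struct reg_form *f, const char *input) {
    if (f == NULL || input == NULL)
        return -1;
    const char *end = memchr(input, '\0', NAME_MAX_LEN);
    if (end == NULL)                 /* no terminator within the buffer size */
        return -1;
    size_t len = (size_t)(end - input);
    memcpy(f->name, input, len);
    f->name[len] = '\0';
    return 0;
}

/* Constructed input: 1008 filler bytes, the junk length the page cites. */
int oversized_is_rejected(void) {
    static char big[1009];
    struct reg_form f = { "", 0xC0FFEEUL };
    memset(big, 'A', 1008);
    big[1008] = '\0';
    return set_name_checked(&f, big) == -1
        && f.guard == 0xC0FFEEUL && f.name[0] == '\0';
}

int main(void) {
    struct reg_form f = { "", 0xC0FFEEUL };
    printf("normal name accepted: %d\n", set_name_checked(&f, "alice") == 0);
    printf("oversized rejected: %d\n", oversized_is_rejected());
    return 0;
}
```

Rejecting over-long input outright, rather than silently truncating it, also gives the application a clear event to log when a registration field receives far more data than a name needs.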

Added: Apr 29, 2026, 8:34 PM
Updated: Apr 29, 2026, 8:34 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 7.5
exploitability: 4.0
remediation: 0.0
relevance: 7.0
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.