Allok Video to DVD Burner Stack-Based Buffer Overflow Vulnerability Allowing Arbitrary Code Execution

Vulnerability

A stack-based buffer overflow vulnerability has been identified in Allok Video to DVD Burner version 2.6.1217. The issue resides in the License Name field, where local attackers can exploit the vulnerability to execute arbitrary code by overwriting the structured exception handler (SEH) chain. To exploit this vulnerability, an attacker must craft a malicious input string consisting of 780 bytes of padding followed by SEH chain pointers and shellcode. This crafted input can then be pasted into the License Name field during the registration process, leading to unauthorized code execution.
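The bug class described above, as an added example that is not Allok's code and not part of the original advisory: a hypothetical unbounded copy of the License Name beside a length-checked version that rejects oversized input. The function names and the 256-byte limit are assumptions; the advisory gives only the 780-byte padding length.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed limit: the advisory gives no buffer size, only that the SEH
   record is reached after 780 bytes of input. */
#define LICENSE_NAME_MAX 256

/* Vulnerable pattern (hypothetical, illustrates the bug class only):
   strcpy copies until the NUL byte and ignores the size of dst, so
   pasted text longer than dst runs into adjacent stack data. */
void store_name_unsafe(char *dst, const char *src) {
    strcpy(dst, src);
}

/* Hardened form: rejects, rather than truncates, any name that does not
   fit in dst including its terminator. Returns 0 on success, -1 on reject. */
int store_name_checked(char *dst, size_t dst_size, const char *src) {
    size_t len = 0;
    if (dst == NULL || dst_size == 0) return -1;
    dst[0] = '\0';                      /* dst is a valid string on every path */
    if (src == NULL) return -1;
    while (len < dst_size && src[len] != '\0')
        len++;                          /* never scans past dst_size bytes */
    if (len == dst_size) return -1;     /* no room for the terminator */
    memcpy(dst, src, len + 1);          /* len + 1 <= dst_size */
    return 0;
}

/* Constructed input: 780 filler bytes, the padding length the advisory
   reports, with no handler pointers or payload after it. */
int demo_reject_oversized(void) {
    char pasted[781];
    char name[LICENSE_NAME_MAX];
    memset(pasted, 'A', 780);
    pasted[780] = '\0';
    return store_name_checked(name, sizeof name, pasted);
}

int main(void) {
    char name[LICENSE_NAME_MAX];
    printf("short name -> %d\n", store_name_checked(name, sizeof name, "Alice Example"));
    printf("780-byte paste -> %d\n", demo_reject_oversized());
    return 0;
}
```

Rejecting instead of truncating keeps a pasted value from being silently stored in altered form and gives the registration dialog a clear error to report.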

Impact

Exploitation of this vulnerability allows for arbitrary code execution on the affected system.

Reproduction

The vulnerability can be reproduced by downloading and installing Allok Video to DVD Burner version 2.6.1217. After installation, the exploit code can be executed using Python 2.7, which creates a file named 'Evil.txt' containing the crafted payload. The contents of this file are then copied and pasted into the License Name field during registration, which triggers the buffer overflow and executes the embedded shellcode.

Added: Apr 29, 2026, 8:34 PM
Updated: Apr 29, 2026, 8:34 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 7.5
exploitability: 4.0
remediation: 0.0
relevance: 6.8
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.