Allok Soft WMV to AVI MPEG DVD Converter Buffer Overflow Vulnerability Allowing Arbitrary Code Execution

Vulnerability

A buffer overflow vulnerability has been identified in Allok Soft WMV to AVI MPEG DVD WMV Converter version 4.6.1217. It allows a local attacker to execute arbitrary code by entering an oversized string in the License Name field. Exploitation involves crafting input that carries shellcode and overwrites the structured exception handler (SEH), bypassing security protections and executing code with the privileges of the application.
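The class of fix for an oversized License Name, as an added example that is not the vendor's code: the field is length-checked and character-checked before any copy. The buffer size, function name and printable-ASCII policy are assumptions; the advisory does not describe the application's internals.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed size: the advisory does not state the real buffer length. */
#define LICENSE_NAME_MAX 64

enum name_status { NAME_OK = 0, NAME_EMPTY, NAME_TOO_LONG, NAME_BAD_CHAR };

/* Unsafe pattern (hypothetical, shown for contrast only):
 *     char name[LICENSE_NAME_MAX];
 *     strcpy(name, field_text);   // no bound: oversized text runs past
 *                                 // the buffer toward the SEH record
 */

/* Hardened handler (hypothetical name): validate, then copy.
 * dst is left as an empty string on every rejection. */
enum name_status copy_license_name(char *dst, size_t dst_size, const char *src)
{
    size_t len = 0;

    if (dst == NULL || dst_size == 0)
        return NAME_TOO_LONG;
    dst[0] = '\0';
    if (src == NULL || src[0] == '\0')
        return NAME_EMPTY;

    /* Bounded scan: stop at dst_size so huge input is never fully walked. */
    while (len < dst_size && src[len] != '\0') {
        unsigned char c = (unsigned char)src[len];
        if (c < 0x20 || c > 0x7e)      /* assumed policy: printable ASCII */
            return NAME_BAD_CHAR;
        len++;
    }
    if (len >= dst_size)               /* no room left for the terminator */
        return NAME_TOO_LONG;

    memcpy(dst, src, len);
    dst[len] = '\0';
    return NAME_OK;
}

int main(void)
{
    char name[LICENSE_NAME_MAX], big[5000];   /* constructed oversized input */
    memset(big, 'A', sizeof big - 1);
    big[sizeof big - 1] = '\0';
    printf("oversized -> %d\n", copy_license_name(name, sizeof name, big));
    printf("normal    -> %d\n", copy_license_name(name, sizeof name, "Alice"));
    return 0;
}
```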

Impact

Exploitation of this vulnerability allows for arbitrary code execution on the affected system.

Reproduction

To reproduce this vulnerability, download and install Allok Soft WMV to AVI MPEG DVD WMV Converter version 4.6.1217 on a Windows XP Service Pack 3 system. After installation, run the application and enter the crafted input into the License Name field. The input should include an oversized string that overwrites the SEH with a return address pointing to the shellcode. Once the License Name field is filled, enter a random string in the License Code field and click 'Register'. If the exploitation is successful, the Windows Calculator will open, indicating that the shellcode was executed.

Added: Apr 29, 2026, 8:25 PM
Updated: Apr 29, 2026, 8:25 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 7.5
exploitability: 4.0
remediation: 0.0
relevance: 6.9
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.