Verypdf DocPrint Pro Buffer Overflow Vulnerability Allowing Arbitrary Code Execution

Vulnerability

A buffer overflow vulnerability has been identified in Verypdf DocPrint Pro version 8.0. The overflow is exploitable through structured exception handling (SEH), allowing local attackers to execute arbitrary code. It is triggered by supplying an oversized, alphanumeric-encoded payload in the User Password or Master Password field. Exploitation involves crafting a malicious payload that contains encoded shellcode and manipulates the SEH chain to bypass protections. The payload executes when the password fields are processed during PDF encryption, which demonstrates the vulnerability by displaying a MessageBox.

Impact

Exploitation of this vulnerability allows for arbitrary code execution on the affected system.

Reproduction

To reproduce this vulnerability, create a blank PDF file and open the DocPrint Pro application. Navigate to the settings and enable PDF encryption. Then, use a Python script to generate a payload that exploits the buffer overflow vulnerability by manipulating the password fields. After the payload is injected, select the crafted PDF file and initiate the export process, which will trigger the exploitation.

Added: Mar 11, 2026, 7:39 PM
Updated: Mar 11, 2026, 7:39 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 10.0
exploitability: 4.0
remediation: 0.0
relevance: 3.8
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.