Magic ISO Maker Buffer Overflow Vulnerability Leading to Denial-of-Service

A buffer overflow vulnerability has been identified in Magic ISO Maker version 5.5 build 281, specifically within the Serial Code registration field. This vulnerability allows local attackers to cause a denial-of-service condition by submitting excessively large input. By generating a file with 5000 bytes of data and pasting it into the Serial Code field during registration, attackers can crash the application.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition, causing the application to crash.

Reproduction

To reproduce this vulnerability, first create a file named 'MagicIso.txt' containing 5000 bytes of data. This can be done using a Python script that writes the buffer data into the file. After generating the file, copy the contents to the clipboard. Then, open Magic ISO Maker and navigate to the registration section. Enter any name in the 'User Name' field and paste the clipboard contents into the 'Serial Code' field. Finally, click the 'Register!' button, which will trigger the application to crash.