a-Mac Address Change Buffer Overflow Vulnerability Leading to Denial-of-Service
Vulnerability
A local buffer overflow vulnerability has been identified in a-Mac Address Change version 5.4. This vulnerability allows local attackers to cause a denial-of-service condition by sending oversized input to registration form fields. Specifically, 212 bytes of data can be pasted into the 'Your Name', 'Your Company', or 'Register Code' fields, which then crashes the application when the Register button is clicked.
Impact
Exploitation of this vulnerability leads to a denial-of-service condition, causing the application to crash.
Reproduction
To reproduce this vulnerability, run the application 'amac.exe' on a Windows XP SP3 system. Once the application is open, navigate to the registration form. Paste 212 bytes of data, consisting of repeated 'A' characters, into the 'Your Name', 'Your Company', and 'Register Code' fields. After filling in these fields, click the Register button, which will trigger the application to crash.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.