Remote Process Explorer Buffer Overflow Vulnerability Leading to Denial-of-Service
Vulnerability
A local buffer overflow vulnerability has been identified in Remote Process Explorer version 1.0.0.16. It allows attackers to cause a denial-of-service condition by supplying a crafted payload to the Add Computer dialog. Pasting a malicious string into the computer name textbox and then connecting to the added computer overflows the buffer and overwrites the Structured Exception Handling (SEH) chain, corrupting the exception handlers and crashing the application.
Impact
Exploitation of this vulnerability leads to a denial-of-service condition: the application crashes. Because the buffer overflow also overwrites the SEH chain, it could potentially be exploited to execute arbitrary code.
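The defensive counterpart to the overflow described above is to bound and validate the computer name before it reaches any fixed-size buffer. The following C sketch is an added example, not code from Remote Process Explorer or its vendor; the page does not describe the faulty routine, so the helper name copy_computer_name, the 253-character limit and the allowed character set are assumptions.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed limit for this sketch: a DNS host name is at most 253 characters. */
#define HOST_MAX 253

typedef enum { HOST_OK, HOST_EMPTY, HOST_TOO_LONG, HOST_BAD_CHAR, HOST_NO_ROOM } host_status;

/* Hypothetical helper: validate the text of a computer-name field and copy it
 * into dst only if it fits. src_len is the length reported by the control, so
 * the checks never rely on a terminator inside src. */
host_status copy_computer_name(char *dst, size_t dst_size,
                               const char *src, size_t src_len)
{
    size_t i;

    if (dst == NULL || dst_size == 0 || src == NULL)
        return HOST_NO_ROOM;
    dst[0] = '\0';                 /* dst is a valid string on every path */
    if (src_len == 0)
        return HOST_EMPTY;
    if (src_len > HOST_MAX)
        return HOST_TOO_LONG;      /* reject outright, never truncate */
    if (src_len >= dst_size)
        return HOST_NO_ROOM;       /* need room for the terminator too */
    for (i = 0; i < src_len; i++) {
        unsigned char c = (unsigned char)src[i];
        /* Assumed allow-list: letters, digits, '-', '.', '_' */
        if (!((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
              (c >= '0' && c <= '9') || c == '-' || c == '.' || c == '_'))
            return HOST_BAD_CHAR;
    }
    memcpy(dst, src, src_len);
    dst[src_len] = '\0';
    return HOST_OK;
}

int main(void)
{
    char name[64], pasted[5000];   /* pasted: constructed over-long input */
    memset(pasted, 'A', sizeof pasted);
    printf("long paste -> %d\n", copy_computer_name(name, sizeof name, pasted, sizeof pasted));
    printf("srv-01     -> %d, \"%s\"\n", copy_computer_name(name, sizeof name, "srv-01", 6), name);
    return 0;
}
```

Rejecting over-long input instead of truncating it keeps the stored name identical to what the user sees and leaves the destination buffer as an empty string on every failure path.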
Reproduction
To reproduce this vulnerability, run Remote Process Explorer 1.0.0.16 on a Windows XP SP3 system. Copy a crafted payload that exploits the buffer overflow into the clipboard. Open the 'Add Computer' dialog and paste the payload into the computer name textbox. Click the 'Add' button, then right-click on the added computer and select 'Connect'. This sequence will cause the application to crash, demonstrating the denial-of-service condition and the SEH overwrite.
