Socusoft Photo to Video Converter Professional Buffer Overflow Vulnerability Allowing Arbitrary Code Execution

Vulnerability

A local buffer overflow vulnerability has been identified in Socusoft Photo to Video Converter Professional version 8.07. The issue resides in the 'Output Folder' input field, where attackers can paste crafted payloads to trigger a stack-based buffer overflow, potentially leading to the execution of arbitrary code.

Impact

Successful exploitation triggers a stack-based buffer overflow, which can be used to execute arbitrary code on the affected system.

Reproduction

To reproduce this vulnerability, first run the provided Python script, which generates a malicious payload designed to be injected into the 'Output Folder' field of the application. After running the script, open Socusoft Photo to Video Converter Professional 8.07 and navigate to the 'Video Output' section. Paste the payload into the 'Output Folder' field and click 'Open' to trigger the buffer overflow.

Added: Jan 30, 2026, 11:34 PM
Updated: Jan 30, 2026, 11:34 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 4.0
remediation: 0.0
relevance: 2.6
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.