1 Click Audio Software 2.3.6 (Video) - 2x ActiveX Buffer Overflow Vulnerabilities

Editorial_Staff_Team's picture

1 Click Audio Software 2.3.6 (Video) - 2x ActiveX Buffer Overflow Vulnerabilities

Today the independent researcher metacom disclosed two issues in the dvdtools software 1click audio v2.3.6. The security vulnerability is located in the COM component in the SkinCrafter.dll. The independent security researcher demonstrates in two videos how to exploit the bug via activex component.

The security risk of the buffer overflow vulnerability is estimated as high with a cvss (common vulnerability scoring system) count of 6.1. Exploitation of the vulnerability requires a low privilege system user account and no user interaction. Successful exploitation of the vulnerability results in system compromise by elevation of privileges via overwrite of the registers.

1 Click Audio Converter - Activex Buffer Overflow Vulnerability

Advisory: http://www.vulnerability-lab.com/get_content.php?id=1507

1 Click Extract Audio - Activex Buffer Overflow Vulnerability

Advisory: http://www.vulnerability-lab.com/get_content.php?id=1508

Rate this article: 
Average: 5 (6 votes)

Add new comment

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.