ESTsoft ALPass version 2.7 suffers from an arbitrary code execution vulnerability when importing a specially crafted DB file.
3d5ae490155ac68d0915c131e84daf0b821b62fb6bcbacf8f68c10b82d9593b7
[vuln.sg] Vulnerability Research Advisory
ALPass Password File Import Buffer Overflow Vulnerability
by Tan Chew Keong
Release Date: 2007-08-24
Summary
-------
A vulnerability has been found in ALPass. When exploited, the
vulnerability allows execution of arbitrary code when the user imports
Site Information from a specially-crafted ALPass DB File (APW).
Tested Versions
---------------
ESTsoft ALPass version 2.7 (English) (ALPass.exe file version 2.70.24.6112)
Details
-------
http://vuln.sg/alpass27-en.html
http://vuln.sg/alpass27-jp.html