HTTP AstonSoft DeepBurner Path BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a buffer overflow vulnerability in AstonSoft DeepBurner.

Additional Information

AstonSoft DeepBurner is a CD/DVD-burning application for Microsoft Windows platforms.

DeepBurner is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before using it in a memory copy operation.

Specifically, the vulnerability affects the 'file name' tag located in DBR or DBI files, which contain a listing of files to be included in a CD/DVD burning project. The application fails to allocate a sufficiently sized buffer for user-supplied data in these files, allowing an attacker to corrupt process memory by supplying more than 272 bytes as input for the 'file name' tag. The compilation of a maliciously designed DBR file can trigger this vulnerability.

This issue allows attackers to overwrite a sensitive memory buffer with arbitrary data, potentially allowing them to execute malicious machine code in the context of the affected application. This vulnerability may facilitate the compromise of affected computers.

AstonSoft DeepBurner 1.8.0 and 1.9.0.228 are affected; previous versions may be vulnerable as well.
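
A defender can screen DBR and DBI project files for the condition described above before they are opened. The following is an added example, not Symantec's signature logic or AstonSoft code. It assumes the 'file name' tag is written as an XML-style `<file ... name="value">` attribute, which this page does not show, and the sample inputs are constructed.

```python
import re

# Limit stated in the advisory: more than 272 bytes in the 'file name'
# tag corrupts process memory.
MAX_NAME_BYTES = 272

# Assumed syntax (not shown in the advisory): <file ... name="value" ...>
# Matching on bytes, because the overflow depends on byte length, not characters.
_FILE_NAME_ATTR = re.compile(rb'<file\b[^<>]*?\bname\s*=\s*(["\'])', re.IGNORECASE)


def oversized_file_names(data: bytes, limit: int = MAX_NAME_BYTES):
    """Return (offset, byte_length) for each 'file name' value longer than limit."""
    findings = []
    for match in _FILE_NAME_ATTR.finditer(data):
        quote = match.group(1)
        start = match.end()
        end = data.find(quote, start)
        if end == -1:
            # Unterminated value: a malformed file may omit the closing
            # quote, so measure to the end of the data instead of skipping.
            end = len(data)
        length = end - start
        if length > limit:
            findings.append((start, length))
    return findings


def is_suspicious(data: bytes) -> bool:
    """True when any 'file name' value exceeds the advisory's 272-byte limit."""
    return bool(oversized_file_names(data))


if __name__ == "__main__":
    # Constructed samples: a normal entry and one with a 300-byte filler name.
    samples = {
        "benign.dbr": b'<project><file name="song.mp3" path="C:\\music"/></project>',
        "oversized.dbr": b'<project><file name="' + b"A" * 300 + b'"/></project>',
    }
    for label, content in samples.items():
        for offset, length in oversized_file_names(content):
            print(f"{label}: 'file name' value of {length} bytes at offset {offset}")
        if not is_suspicious(content):
            print(f"{label}: no oversized 'file name' value")
```

Flagged files should be quarantined rather than opened in an affected DeepBurner version, since the page reports no vendor patch.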

Affected

  • AstonSoft DeepBurner 1.8

Response

Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.