AutoPlay v1.33 (autoplay.ini) Local Buffer Overflow Exploit (SEH)

Title: AutoPlay v1.33 (autoplay.ini) Local Buffer Overflow Exploit (SEH)
Advisory ID: ZSL-2011-4994
Type: Local/Remote
Impact: System Access, DoS
Risk: (4/5)
Release Date: 15.02.2011
Summary
AutoPlay is a shareware application used for making autorun.ini files that can be edited and stored to compact disks.
Description
The program suffers from a buffer overflow vulnerability when opening an autorun file (.ini) in which extra bytes have been added to parts of the edited file, giving attackers the possibility of arbitrary code execution on the affected system. The buffer overflow also allows the attacker to bypass the Structured Exception Handling (SEH) protection mechanism.
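
A defensive triage check for the condition described above, as an added example that is not part of the original advisory or its PoC: it flags autoplay.ini entries whose section names or values are abnormally long, or whose values contain non-printable bytes, before the file is opened in the affected editor. The 260-byte threshold and the section and key names in the samples are assumptions; the advisory does not state the affected field or the overflow length.

```python
# Added example: triage an autoplay.ini before opening it in the editor.
# MAX_VALUE_LEN is an assumed threshold (Windows MAX_PATH); the advisory
# does not state the overflow length or the affected key.
MAX_VALUE_LEN = 260


def scan_ini(data: bytes, max_len: int = MAX_VALUE_LEN):
    """Return a list of (line_no, section, key, length, reason) findings."""
    findings = []
    section = ""
    for line_no, raw in enumerate(data.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith((b";", b"#")):
            continue  # blank line or comment
        if line.startswith(b"[") and line.endswith(b"]"):
            name = line[1:-1]
            if len(name) > max_len:
                findings.append((line_no, "", "", len(name), "overlong section name"))
            section = name[:max_len].decode("latin-1")
            continue
        key, sep, value = line.partition(b"=")
        if not sep:
            # No '=' on the line: measure the whole line as the value.
            key, value = b"", line
        key_s = key.strip()[:64].decode("latin-1")
        value = value.strip()
        if len(value) > max_len:
            findings.append((line_no, section, key_s, len(value), "overlong value"))
        elif any(b < 0x20 or b > 0x7E for b in value):
            findings.append((line_no, section, key_s, len(value), "non-printable bytes"))
    return findings


# Constructed samples (section and key names are hypothetical).
BENIGN = b"[General]\r\nTitle=My CD\r\nIcon=setup.ico\r\n"
SUSPECT = b"[General]\r\nTitle=" + b"A" * 2000 + b"\r\nIcon=setup.ico\r\n"

if __name__ == "__main__":
    for name, sample in (("benign", BENIGN), ("suspect", SUSPECT)):
        print(name, scan_ini(sample))
```
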
Vendor
Naughter Software - http://www.naughter.com
Affected Version
1.33
Tested On
Microsoft Windows 7 Ultimate
Vendor Status
N/A
PoC
autoplay_bof.py
Credits
Vulnerability discovered by Dame Jovanoski - <jovanoski@zeroscience.mk>
References
[1] http://www.exploit-db.com/exploits/16173/
[2] http://securityreason.com/exploitalert/9981
[3] http://packetstormsecurity.org/files/98496
[4] http://www.securityhome.eu/exploits/exploit.php?eid=5243488454d5baee0dfbaa1.35052281
[5] http://osvdb.org/show/osvdb/70955
[6] http://secunia.com/advisories/43341/
Changelog
[15.02.2011] - Initial release
[16.02.2011] - Added reference [1], [2], [3] and [4]
[06.03.2011] - Added reference [5] and [6]
Contact
Zero Science Lab

Web: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk