← Advisories

Oreans WinLicense v2.1.8.0 XML File Handling Unspecified Memory Corruption

High
Advisory ID
ZSL-2012-5080
Release Date
20 March 2012
Vendor
Oreans Technologies - http://www.oreans.com
Affected Version
2.1.8.0 (32/64bit)
CVE
CVE-2012-4864
Tested On
Microsoft Windows XP Professional SP3 (EN) (32bit), Microsoft Windows 7 Ultimate SP1 (EN) (64bit)
Summary

WinLicense combines the same protection-level as Themida with the power of advanced license control, offering the most powerful and flexible technology that allows developers to securely distribute trial and registered versions of their applications.

Description

WinLicense is prone to an unspecified memory corruption vulnerability. An attacker can exploit this issue by tricking a victim into opening a malicious XML file to execute arbitrary code and to cause denial-of-service conditions.

Proof of Concept
winlicense_mem.plTXT
Disclosure Timeline
N/A
Credits
Vulnerability discovered by Gjoko Krstic
References
[1]http://packetstormsecurity.org/files/111034
[2]http://cxsecurity.com/issue/WLB-2012030183
[3]http://www.exploit-db.com/exploits/18637/
[4]http://www.securityfocus.com/bid/52650
[5]http://www.1337day.com/exploits/17789
[6]http://xforce.iss.net/xforce/xfdb/74170
[7]http://www.osvdb.org/show/osvdb/80550
[8]http://cve.mitre.org/cgi-bin/cvename.cgi?name=2012-4864
Changelog
20.03.2012Initial release
21.03.2012Added reference [1] and [2]
22.03.2012Added reference [3], [4] and [5]
23.03.2012Added reference [6]
27.03.2012Added reference [7]
07.09.2012Added reference [8]