Archive for March 20th, 2012

Themida and WinLicense Vulnerabilities

The vulnerability in Themida is caused due to a boundary error in the processing of a project file, which can be exploited to cause a buffer overflow when a user opens e.g. a specially crafted .TMD file. Successful exploitation may allow execution of arbitrary code.

WinLicense is prone to an unspecified memory corruption vulnerability. An attacker can exploit this issue by tricking a victim into opening a malicious XML file to execute arbitrary code and to cause denial-of-service conditions.

Advisories:

ZSL-2012-5079http://www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5079.php
ZSL-2012-5080http://www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5080.php