Title: Oreans WinLicense v2.1.8.0 XML File Handling Unspecified Memory Corruption
Advisory ID: ZSL-2012-5080
Type: Local/Remote
Impact: System Access, DoS
Risk: (4/5)
Release Date: 20.03.2012

Summary

WinLicense combines the same protection-level as Themida with the power of advanced license control, offering the most powerful and flexible technology that allows developers to securely distribute trial and registered versions of their applications.

Description

WinLicense is prone to an unspecified memory corruption vulnerability. An attacker can exploit this issue by tricking a victim into opening a malicious XML file to execute arbitrary code and to cause denial-of-service conditions.

Vendor

Oreans Technologies - http://www.oreans.com

Affected Version

2.1.8.0 (32/64bit)

Tested On

Microsoft Windows XP Professional SP3 (EN) (32bit)
Microsoft Windows 7 Ultimate SP1 (EN) (64bit)

Vendor Status

N/A

PoC

winlicense_mem.pl

Credits

Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>

References

[1] http://packetstormsecurity.org/files/111034
[2] http://cxsecurity.com/issue/WLB-2012030183
[3] http://www.exploit-db.com/exploits/18637/
[4] http://www.securityfocus.com/bid/52650
[5] http://www.1337day.com/exploits/17789
[6] http://xforce.iss.net/xforce/xfdb/74170
[7] http://www.osvdb.org/show/osvdb/80550
[8] http://cve.mitre.org/cgi-bin/cvename.cgi?name=2012-4864

Changelog

[20.03.2012] - Initial release
[21.03.2012] - Added reference [1] and [2]
[22.03.2012] - Added reference [3], [4] and [5]
[23.03.2012] - Added reference [6]
[27.03.2012] - Added reference [7]
[07.09.2012] - Added reference [8]

Contact

Zero Science Lab

Web: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk