Oreans WinLicense v2.1.8.0 XML File Handling Unspecified Memory Corruption

Title: Oreans WinLicense v2.1.8.0 XML File Handling Unspecified Memory Corruption
Advisory ID: ZSL-2012-5080
Type: Local/Remote
Impact: System Access, DoS
Risk: (4/5)
Release Date: 20.03.2012
Summary
WinLicense combines the same protection-level as Themida with the power of advanced license control, offering the most powerful and flexible technology that allows developers to securely distribute trial and registered versions of their applications.
Description
WinLicense is prone to an unspecified memory corruption vulnerability. An attacker can exploit this issue by tricking a victim into opening a malicious XML file to execute arbitrary code and to cause denial-of-service conditions.
Vendor
Oreans Technologies - http://www.oreans.com
Affected Version
2.1.8.0 (32/64bit)
Tested On
Microsoft Windows XP Professional SP3 (EN) (32bit)
Microsoft Windows 7 Ultimate SP1 (EN) (64bit)
Vendor Status
N/A
PoC
winlicense_mem.pl
Credits
Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>
References
[1] http://packetstormsecurity.org/files/111034
[2] http://cxsecurity.com/issue/WLB-2012030183
[3] http://www.exploit-db.com/exploits/18637/
[4] http://www.securityfocus.com/bid/52650
[5] http://www.1337day.com/exploits/17789
[6] http://xforce.iss.net/xforce/xfdb/74170
[7] http://www.osvdb.org/show/osvdb/80550
[8] http://cve.mitre.org/cgi-bin/cvename.cgi?name=2012-4864
Changelog
[20.03.2012] - Initial release
[21.03.2012] - Added reference [1] and [2]
[22.03.2012] - Added reference [3], [4] and [5]
[23.03.2012] - Added reference [6]
[27.03.2012] - Added reference [7]
[07.09.2012] - Added reference [8]
Contact
Zero Science Lab

Web: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk