TVMOBiLi HTTP Request Processing Two Buffer Overflow

by Carol~ Moderator - 12/7/12 11:10 AM

In Reply to: VULNERABILITIES / FIXES - December 07, 2012 by Carol~ Moderator

TVMOBiLi HTTP Request Processing Two Buffer Overflow Vulnerabilities

Release Date : 2012-12-07

Criticality level : Moderately critical
Impact : System access, DoS
Where : From local network
Solution Status : Vendor Patch

Software: TVMOBiLi 2.x

Description:
Two vulnerabilities have been discovered in TVMOBiLi, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

1) A boundary error in the "CHTTPServerTransaction::LoadResource()" method (HttpUtils.dll) when processing a web request can be exploited to cause a limited stack-based buffer overflow resulting in a crash only via a specially crafted URL.

2) A boundary error in the "CHTTPServerTransaction::LoadFile()" method (HttpUtils.dll) when processing a web request can be exploited to cause a heap-based buffer overflow via a specially crafted URL.

Successful exploitation of this vulnerability may allow execution of arbitrary code.

The vulnerabilities are confirmed in version 2.1.3557. Prior versions may also be affected.

Solution:
Update to version 2.1.3974.

Provided and/or discovered by:
1) High-Tech Bridge
2) Additional information provided by Secunia Research.

Original Advisory:
TVMOBiLi:
http://dev.tvmobili.com/changelog.php
http://forum.tvmobili.com/viewtopic.php?f=7&t=55117

HTB23120:
https://www.htbridge.com/advisory/HTB23120

http://secunia.com/advisories/51465/