abctab2ps 1.6.3 - 'Write_Heading' '.ABC' Remote Buffer Overflow







Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux and pass the exam to become an Offensive Security Certified Professional (OSCP). All new content for 2020.



abctab2ps is reported prone to a remote buffer overflow vulnerability. This issue arises because the application fails to carry out proper boundary checks before copying user-supplied data in to sensitive process buffers. It is reported that this issue can allow an attacker to gain unauthorized access to a computer in the context of the application.

This vulnerability exists in the 'write_heading()' function.

An attacker can exploit this issue by crafting a malicious ABC file that contains excessive string data, replacement memory addresses, and executable instructions to trigger this issue.

If a user obtains this file and processes it through the application, the attacker-supplied instructions may be executed on the vulnerable computer. It is reported that successful exploitation may result in a compromise in the context of the application.

abctab2ps version 1.6.3 is reported prone to this vulnerability. It is likely that other versions are affected as well.