Vulnerabilities > CVE-2005-0308 - Buffer Overflow vulnerability in Ursoftware W32Dasm 8.94
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Buffer overflow in the wsprintf function in W32Dasm 8.93 and earlier allows remote attackers to execute arbitrary code via a large import or export function name.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | URSoft W32Dasm Disassembler Function Buffer Overflow. CVE-2005-0308. Local exploit for windows platform |
| id | EDB-ID:16645 |
| last seen | 2016-02-02 |
| modified | 2010-09-25 |
| published | 2010-09-25 |
| reporter | metasploit |
| source | https://www.exploit-db.com/download/16645/ |
| title | URSoft W32Dasm Disassembler Function Buffer Overflow |
Metasploit
| description | This module exploits a buffer overflow in W32Dasm <= v8.93. By creating a malicious file and convincing a user to disassemble the file with a vulnerable version of W32Dasm, the Imports/Exports function is copied to the stack and arbitrary code may be executed locally as the user. |
| id | MSF:EXPLOIT/WINDOWS/FILEFORMAT/URSOFT_W32DASM |
| last seen | 2020-01-16 |
| modified | 2020-01-15 |
| published | 2009-01-07 |
| references | |
| reporter | Rapid7 |
| source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/fileformat/ursoft_w32dasm.rb |
| title | URSoft W32Dasm Disassembler Function Buffer Overflow |
Packetstorm
| data source | https://packetstormsecurity.com/files/download/82970/ursoft_w32dasm.rb.txt |
| id | PACKETSTORM:82970 |
| last seen | 2016-12-05 |
| published | 2009-11-26 |
| reporter | patrick |
| source | https://packetstormsecurity.com/files/82970/URSoft-W32Dasm-Disassembler-Function-Buffer-Overflow.html |
| title | URSoft W32Dasm Disassembler Function Buffer Overflow |