Technical Description / Proof of Concept Codeīelow is shown the result of opening the maliciously crafted file CORE-2013-0701-artweaver-poc-28ab190b137f3.AWD, which means the normal execution flow can be altered in order to execute arbitrary code. The publication of this advisory was coordinated by Fernando Miranda from Core Advisories Team. This vulnerability was discovered and researched by Daniel Kazimirow from Core Exploit Writers Team. Vendor encourages all Artweaver users to update to the latest version: Vendor notifies that Artweaver v3.1.6 and v4.0 are available and fix the reported vulnerability. Vendor Information, Solutions and Workarounds
This vulnerability could be exploited by a remote attacker to execute arbitrary code on the target machine by enticing Artweaver users to open a specially crafted file. Vulnerability DescriptionĪrtweaver, is prone to a security vulnerability when processing AWD files. Vulnerability InformationĬVE Name: CVE-2013-2576 3.
Title: Artweaver Buffer Overflow Vulnerability
0 kommentar(er)
