A Buffer Overflow vulnerability is detected on Bitsmith Software Personal Knowbase v3.2.3.The vulnerability is located in the main executeable knowbase.exe. An oversized string on the registry value Knowbase Data within the Key [HKEY_CURRENT_USER/Software/Bitsmith Software/Personal Knowbase/Directories] results in a local buffer overflow. The value gets read within the FileOpen dialogue. An attacker needs to manipulate the registry value and has to trick the victim to open and cancel the FileOpen dialogue.
--- Debugger Logs ---
# 41414141: The instruction at 0x41414141 referenced memory at 0x41414141. The memory could not be read -> 41414141 (exc.code c0000005, tid 844)
Proof of Concept:
The vulnerability can be exploited by local attackers. Successful exploitation requires user inter action by clicking the dialog file open or cancel. For demonstration or reproduce ...
# Exploit Title: Bitsmith Software Personal Knowbase v3.2.3 Local Buffer Overflow
# Version: 3.2.3
# Tested on: Windows XP SP3 Professional German
# Howto: Import Reg -> Start App -> Open File --> Cancel