CVE-2009-3859 – eEye Retina WiFi Security Scanner 1.0 - '.rws Parsing' Buffer Overflow (PoC)

https://notcve.org/view.php?id=CVE-2009-3859

Buffer overflow in eEye Retina WiFi Scanner 1.0.8.68, as used in Retina Network Security Scanner 5.10.14, allows user-assisted remote attackers to cause a denial of service (application crash) or execute arbitrary code via a .rws file with a long RWS010 entry. Desbordamiento de búfer en Retina WiFi Scanner v1.0.8.68, usado en Retina Network Security Scanner v5.10.14, permite a atacantes asistidos por el usuario provocar una denegación de servicio (caída de aplicación) o la ejecución de código de su elección a través de un archivo .rws con una entrada RWS010 larga. • https://www.exploit-db.com/exploits/9114 http://osvdb.org/55744 http://research.eeye.com/html/advisories/published/AD20090710.html http://secunia.com/advisories/35786 http://www.exploit-db.com/exploits/9114 http://www.securityfocus.com/bid/35624 http://www.securitytracker.com/id?1022534 http://www.vupen.com/english/advisories/2009/1862 https://exchange.xforce.ibmcloud.com/vulnerabilities/51625 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •