Unicode Stack-based Buffer Overflow on CyberLink LabelPrint 2.5

It's been a while since the last post about exploitation on this blog. This time, we try to explain a stack based overflow on a software called Cyberlink LabelPrint. The software serves as a tool to assist in designing labels for CD / DVD covers. Cyberlink LabelPrint is included in the installation of Cyberlink Power2Go,…

CyberLink Power2Go Unicode Stack Buffer Overflow

The proof of concept of the vulnerability¬†has been released on December 9, 2011, and no further announcement from CyberLink. I tried to coordinate the issue until they didn't contact me anymore. A week after our last email, they updated the product, and ¬†yes it's Power2Go 8. How do they know that the product is safe…