Mobipocket Reader CHM File Handling Remote Overflow

This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains an eBook reader that is affected by a
buffer overflow vulnerability.

Description :

All versions of Mobipocket Reader are potentially affected by a
stack-based buffer overflow vulnerability.

The application does not properly validate user input and can allow
crafted 'CHM' files to either crash the application or execute
arbitrary code if an attack is successful.

Note that Mobipocket Reader is no longer supported which implies no
new security patches will be released.

See also :

http://shinnai.altervista.org/exploits/SH-018-20120423.html
http://seclists.org/fulldisclosure/2012/Apr/255
http://www.mobipocket.com/en/DownloadSoft/default.asp

Solution :

Remove the software as it is no longer supported.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.4
(CVSS2#E:POC/RL:U/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 59108 ()

Bugtraq ID: 53200

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now