Multiple UltraISO Flaws Execute Malicious Codes in Vulnerable Systems

Researchers at security firm Secunia have discovered several vulnerabilities within UltraISO (tool that creates/edits/converts CD graphic files) that cyber criminals could exploit to take over an affected computer.

Explaining the security problem, Secunia said it results from errors of buffer overflow and format string at the time of processing of maliciously created C2D, GI and CIF files, or when malformed 'Direct Access Archive' (DAA) file names are handled.

Moreover, the researchers stated that while processing maliciously created C2D, GI and CIF files, an attacker could remotely create a file and assign it a malicious file name. If the targeted end user installs the file, it will result in an error of format string that leads to the execution of malware on the affected machine. And while the malware is executed, the software uses the privileges of the targeted end-user.

Further, while handling the distorted DAA fine names, an attacker could remotely create a malicious file. If the targeted end user loads this file, it will lead to a heap-based overflow so that malicious code could be executed on the attacked computer. This code too would run using the attacked end-user's privileges.

The numbers of UltraISO vulnerabilities affect version 9.3.1.2633 as well as versions prior to 9.3.3.2685.

However, Secunia has issued a security patch to resolve the problem. Accordingly, experts at the security company suggest users whose computers might be vulnerable to the UltraISO flaws to update their computers with the most recent version 9.3.3.2685.

In the meantime, the security researchers say that using a maliciously created graphic file to execute malware isn't happening for the first time. In June 2006, a special ART file (a graphic file format that America Online client application uses) resulted in a buffer overflow when the file was delivered through Internet Explorer inside the IMG tags.

Upon successfully exploiting that flaw, it allowed the execution of malware or arbitrary codes with the rights of the end user then logged-on. Consequently, the attacker could load or run software as well as view/edit data using all the privileges. Furthermore, another malware could exploit the flaw for making its own copies, the researchers added.

Related article: Multiple Flaws Identified in Linux Kernel 2.6

» SPAMfighter News - 6/9/2009