Achilles

**Name of the Vulnerable Software and Affected Versions** River Past Audio Converter version 7.7.16 **Description** The software contains a local buffer overflow in the activation code field. This allows local attackers to cause a denial of service by providing an oversized input string. An attacker can paste a large payload of repeated characters into the 'E-Mail and Activation Code' field and click 'Activate' to trigger this condition. The vulnerable field is the `activation code` field. **Recommendations** Apply a fix for River Past Audio Converter version 7.7.16.

**Name of the Vulnerable Software and Affected Versions** River Past CamDo version 3.7.6 **Description** The software contains a structured exception handler (SEH) buffer overflow. Local attackers can execute arbitrary code by providing a malicious string in the `Lame enc.dll` name field. Attackers can create a payload with a 280-byte buffer, NSEH jump instruction, and SEH handler address pointing to a pop-pop-ret gadget to trigger code execution and establish a bind shell on port 3110. **Recommendations** Update River Past CamDo to a newer version that contains a fix for this vulnerability. As a temporary workaround, avoid using the `Lame enc.dll` file.

**Name of the Vulnerable Software and Affected Versions** MyVideoConverter Pro version 3.14 **Description** The software contains a local buffer overflow issue that can lead to a denial of service. An attacker can exploit this by providing an excessively long string to the registration code input field. Specifically, pasting a malicious payload of approximately 10000 bytes into the 'Copy and Paste Registration Code' field triggers the condition. The vulnerable parameter is the registration code input field. **Recommendations** Apply a fix for MyVideoConverter Pro version 3.14 to address the buffer overflow issue.

WinAVI iPod/3GP/MP4/PSP Converter 4.4.2 contains a denial of service vulnerability that allows local attackers to crash the application by processing malformed AVI files. Attackers can create a specially crafted AVI file with an oversized buffer and load it through the Convert to iPhone function to trigger an application crash.

**Name of the Vulnerable Software and Affected Versions** WinMPG Video Convert versions prior to 9.3.6 **Description** A buffer overflow exists in the registration dialog. Local attackers can cause a denial of service by providing oversized input. Specifically, pasting a payload of 6000 bytes into the `Name` and `Registration Code` fields can crash the application. **Recommendations** Update to a version newer than 9.3.5. As a temporary workaround, avoid entering oversized data into the `Name` and `Registration Code` fields in the registration dialog.

**Name of the Vulnerable Software and Affected Versions** AnMing MP3 CD Burner version 2.0 **Description** A buffer overflow occurs when a program writes more data to a memory buffer than it can hold, potentially overwriting adjacent memory. This issue allows local attackers to crash the application by supplying an oversized string. Specifically, pasting a 6000-byte payload into the `registration name` field triggers a denial of service condition. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Fast AVI MPEG Joiner version 1.2.0812 **Description** A buffer overflow allows local attackers to crash the application by supplying an oversized payload in the `License Name` field. This is achieved by pasting a malicious text file containing 6000 bytes of data into the `License Name` input field and clicking the Register button, resulting in a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TuneClone version 2.20 **Description** A structured exception handler (SEH) buffer overflow exists, allowing local attackers to execute arbitrary code by providing a malicious license code string. Attackers can craft a payload containing a controlled buffer, an NSEH jump instruction, and an SEH handler address pointing to a ROP gadget, then paste it into the license code field to trigger code execution and establish a bind shell. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Ease Audio Converter version 5.30 **Description** A denial of service issue exists in the Audio Cutter function. Local attackers can cause the application to crash by processing malformed MP4 files. This is achieved by creating a crafted MP4 file containing an oversized buffer and loading it through the Audio Cutter interface. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Lavavo CD Ripper version 4.20 **Description** A structured exception handling (SEH) buffer overflow allows local attackers to execute arbitrary code. This occurs when a malicious string is supplied in the `License Activation Name` field. Attackers can use controlled buffer data, NSEH jump instructions, and SEH handler addresses to trigger the execution of code and establish a bind shell on port 3110. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Folder Lock version 7.7.9 **Description** The software contains a buffer overflow in the serial number registration field. Local attackers can cause the application to crash by submitting a payload exceeding the expected size. Specifically, attackers can paste a 6000-byte buffer of arbitrary data into the 'Serial Number and Registration Key' field, triggering a denial of service condition. The vulnerable parameter is the `Serial Number and Registration Key` field. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** RAR Password Recovery version 1.80 **Description** The software contains a buffer overflow issue that allows local attackers to cause the application to crash. Attackers can create a malicious input string larger than 6000 bytes and paste it into the `User Name` and `Registration Code` field within the registration dialog to trigger the crash. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Prime95 version 29.8 build 6 **Description** Prime95 version 29.8 build 6 has a buffer overflow issue in the user ID input field. This allows remote attackers to potentially execute arbitrary code. An attacker can create a malicious payload and input it into the PrimeNet user ID and proxy host fields, which may trigger a bind shell on port 3110. The vulnerable input fields are the PrimeNet user ID and proxy host fields. The `user ID` is a vulnerable parameter. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Duplicate Cleaner Pro version 4.1.3 **Description** A denial of service issue allows attackers to crash the application by injecting an oversized buffer into the license key field. This is achieved by generating a 6000-byte payload and pasting it into the license activation field. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TextCrawler Pro version 3.1.1 **Description** A denial of service issue allows attackers to crash the application by sending an oversized buffer in the license key field. This is achieved by generating a 6000-byte payload and pasting it into the activation field. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Easy CD & DVD Cover Creator version 4.13 **Description** Easy CD & DVD Cover Creator version 4.13 contains a buffer overflow issue in the serial number input field. An attacker can provide a 6000-byte payload to the `serial number` field, which causes the application to crash. The vulnerable component is the serial number input field. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Kingdia CD Extractor version 3.0.2 **Description** Kingdia CD Extractor 3.0.2 has a buffer overflow issue in the registration name field. An attacker can provide a malicious payload larger than 256 bytes to overwrite the Structured Exception Handler and achieve remote code execution, potentially through a bind shell. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** NoteBurner version 2.35 **Description** NoteBurner version 2.35 contains a buffer overflow issue in the license code input field. An attacker can cause the application to crash by providing a 6000-byte payload in the `Name` and `Code` fields. The vulnerability is triggered when pasting the payload into these fields. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** YouTube Downloader version 1.9.9.1 **Description** The software contains a buffer overflow that allows for arbitrary code execution. An attacker can exploit this by overwriting the Structured Exception Handler (SEH). A malicious payload of 712 bytes with SEH manipulation can be crafted to initiate a bind shell connection on a specified local port. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Ether MP3 CD Burner version 1.3.8 **Description** Ether MP3 CD Burner 1.3.8 contains a buffer overflow issue in the registration name field. This allows for remote code execution. An attacker can create a malicious payload to overwrite SEH handlers and execute a bind shell on port 3110 by exploiting improper input validation. The `registration name` field is the point of exploitation. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.