- IObit Malware Fighter 9.4.0.776, IMFCameraProtect.sys 7.0.7.29
- https://www.iobit.com/en/malware-fighter.php
Denial of Service
From IoControlCode 0x8018E008, there is global buffer overflow when calling memmove with the src address and size controllable, which leads to denial of service or other impacts.
In the attached file DoS2.zip, there are DoS2.exe, DoS2.cpp, iobit_malware_fighter_setup.exe, and IMFCameraProtect.sys. DoS2.exe is the PoC to cause DoS where iobit_malware_fighter_setup.exe which contains the vulnerable driver IMFCameraProtect.sys is installed, and DoS2.cpp is the source code of DoS2.exe. To reproduce the issue, install iobit_malware_fighter_setup.exe and execute DoS2.exe. It is expected that the system will crash (BSOD) once DoS2.exe is executed. Password for attachment: DoS2 https://drive.google.com/file/d/1RmFSm1sQWwQXPXjkeZtgf8q51hGD8tTf/view?usp=sharing