Crimson Editor – Overwrite (SEH)

Exploit Database
7 阅读

作者： sharpe

日期： 2010-03-18
类别：
- dos
平台：
- windows
来源：https://www.exploit-db.com/exploits/11803/

A vulnerability exists in the way Crimson Editor reads file types from within configuration files and can be exploited, by malicious people, to compromise a vulnerable system.

Successful exploitation of this vulnerability allows an attacker to execute arbitrary code, by tricking a user into using a maliciously constructed configuration file (cedt.cfg).

This vulnerability is confirmed in Crimson Editor version 3.70.

A PoC configuration file can be downloaded here:
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/11803.zip (cedt.zip)


Ref:

* http://www.crimsoneditor.com/

last Exploits
Crimson Editor – Overwrite (SEH)的更多信息

Google Chrome 72.0.3626.81 – ‘V8TrustedTypePolicyOptions::ToImpl’ Type Confusion：
Novell Groupwise Messenger 2.1.0 – Memory Corruption：
AVS Media Player 4.1.11.100 – ‘.ac3’ Denial of Service：
Microsoft Edge Chakra JIT – Memory Corruption：
Remote Desktop Gateway – ‘BlueGate’ Denial of Service (PoC)：
GNU binutils – ‘disassemble_bytes’ Heap Overflow：
iOS Kernel – IOReportHub Use-After-Free：
WebKit JSC – ‘AbstractValue::set’ Use-After-Free：