8 matches found
Ali wangwang 2010 remote code execution vulnerability
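Vulnerability reproduction: In the ImageMan.dll dynamic link library of Ali Wangwang 2010, a COM interface handles image information, and one of its functions, AutoPic, is vulnerable. When this COM interface is loaded in HTML and passed a special string, the string length is not checked, so the copy reads from an inaccessible address and the program enters SEH exception handling. An overlong payload can overwrite the SEH pointer and thereby make eip controllable. This vulnerability is analyzed in detail below. First install Ali Wangwang 2010, then open it with IE; IE crashes, and by attaching windbg the crash location can be reached. a5c.628: Access violation - code c0000005 first chance...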
CCMPlayer-1.5-Stack-based
Exploit: CCMPlayer 1.5 Stack based Buffer Overflow SEH Exploit .m3u Date: 30 Nov 2011 Author: Rh0 Software: CCMPlayer 1.5 m3u = "C:\" shellcode m3u p/p/r m3u Songs - Add - Files of type: m3u - msf.m3u = exploit filecreatem3u...
CCMPlayer 1.5 Stack based Buffer Overflow (.m3u)
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
FFDshow SEH Exception leading to NULL pointer on Read
No description provided by source. FFDshow SEH Exception leading to NULL pointer on Read Author: Matthew Bergin Website: http://berginpentesting.com/ Email: [email protected] Date: 09/02/10 Filename: C:\Program Files\K-Lite Codec Pack\FFDshow\ffdshow.ax Version: v1.1.3530.0 License: GNU...
CCMPlayer 1.5 Stack based Buffer Overflow (.m3u)
Exploit for windows platform in category local exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
CCMPlayer 1.5 Stack Buffer Overflow
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'CCMPlayer 1.5 Sta...
FFDshow - Overflow (SEH) Exception Leading to Null Pointer on Read
FFDshow SEH Exception leading to NULL pointer on Read Author: Matthew Bergin Website: http://berginpentesting.com/ Email: [email protected] Date: 09/02/10 Filename: C:\Program Files\K-Lite Codec Pack\FFDshow\ffdshow.ax Version: v1.1.3530.0 License: GNU General Public License Description...
FFDshow - Overflow (SEH) Exception Leading to Null Pointer on Read
FFDshow - Overflow SEH Exception Leading to Null Pointer on Read FFDshow SEH Exception leading to NULL pointer on Read Author: Matthew Bergin Website: http://berginpentesting.com/ Email: [email protected] Date: 09/02/10 Filename: C:\Program Files\K-Lite Codec Pack\FFDshow\ffdshow.ax...