Microsoft Visual Basic 6.0 Project (Company Name) Stack overflow PoC
A stack overflow vulnerability reportedly exists in the company name field of VB6.0 projects.
#Details:
# Owned Registers are ESI and EDI. Company name is dumped at Memory Address of: 04520020. Due to stack overflow USER32 gets stuck in a loop (that lasts
# for more than 30 minutes in testing).
#
# The CPU usage becomes 100%, causing the system to become unstable, and can crash the OS if the end user is on low system memory. This vulnerability can
# be exploited to cause DoS or privilege escalation. UNICODE exploitation must be implemented in order to exploit this vulnerability.
# The generated binary file is also attached, which cannot display any of the details of vendor information in EXE format (due to overflow).
#
#Debug Details:
# This is the debug details which clearly mention the loop in which exception got stuck, causing it to occur again and again
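
For defenders who receive VB6 projects from outside sources, the following triage check flags project files whose version-info strings look abnormal before they are opened in the IDE. It is an added example, not part of the PoC or the original post. It assumes the company name is stored in the project's `.vbp` file as a `VersionCompanyName="..."` line, and the 256-character threshold is an arbitrary triage value, since the page does not state the length at which the overflow occurs.

```python
import re

# Assumption: triage threshold only. The page does not give the overflow length.
MAX_FIELD_LEN = 256

# Assumption: .vbp files store version-info strings as Version<Key>="value" lines.
FIELD_RE = re.compile(r'^(Version\w+)="(.*)"\s*$')


def suspicious_version_fields(vbp_text, max_len=MAX_FIELD_LEN):
    """Return [(key, length, reason)] for version-info strings worth a manual look."""
    findings = []
    for line in vbp_text.splitlines():
        m = FIELD_RE.match(line.strip())
        if not m:
            continue
        key, value = m.groups()
        if len(value) > max_len:
            findings.append((key, len(value), "overlong"))
        elif any(ord(c) < 0x20 or ord(c) == 0x7F for c in value):
            # Control characters have no place in a company or product name.
            findings.append((key, len(value), "control-chars"))
    return findings


# Constructed sample project files (not taken from the PoC).
BENIGN_VBP = "\n".join([
    "Type=Exe",
    'Name="Project1"',
    'VersionCompanyName="Example Corp"',
    "MajorVer=1",
])

OVERLONG_VBP = "\n".join([
    "Type=Exe",
    'Name="Project1"',
    'VersionCompanyName="' + "A" * 5000 + '"',
    "MajorVer=1",
])

if __name__ == "__main__":
    for name, text in (("benign", BENIGN_VBP), ("overlong", OVERLONG_VBP)):
        print(name, suspicious_version_fields(text))
```
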