CVE-2012-0985

Sony VAIO PC Wireless LAN Wizard 1.0-4.11 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-0985. PoCs published by High-Tech Bridge SA.

AI-analyzed exploit summary The exploit demonstrates a buffer overflow vulnerability in Sony VAIO Wireless Manager via crafted HTML/JS that triggers unsafe methods in WifiMan.dll. It crashes the application by passing oversized strings to SetTmpProfileOption() or ConnectToNetwork().

Description

Multiple buffer overflows in the Wireless Manager ActiveX control 4.0.0.0 in WifiMan.dll in Sony VAIO PC Wireless LAN Wizard 1.0; VAIO Wireless Wizard 1.00, 1.00_64, 1.0.1, 2.0, and 3.0; SmartWi Connection Utility 4.7, 4.7.4, 4.8, 4.9, 4.10, and 4.11; and VAIO Easy Connect software 1.0.0 and 1.1.0 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the second argument of the (1) SetTmpProfileOption or (2) ConnectToNetwork method.

Exploits (1)

exploitdb WORKING POC

by High-Tech Bridge SA · htmldoswindows

https://www.exploit-db.com/exploits/18958

View Code ZIP pw:eip

The exploit demonstrates a buffer overflow vulnerability in Sony VAIO Wireless Manager via crafted HTML/JS that triggers unsafe methods in WifiMan.dll. It crashes the application by passing oversized strings to SetTmpProfileOption() or ConnectToNetwork().

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Sony VAIO Wireless Manager 4.0.0.0

No auth needed

Prerequisites: Victim must visit a malicious webpage · Sony VAIO Wireless Manager 4.0.0.0 or prior installed

MITRE ATT&CK