CVE-2012-3793

Pro-face Pro-Server EX < 1.30.000 and WinGP PC Runtime < 3.1.00 - Denial of Service via Crafted Packet

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-3793.

AI-analyzed exploit summary This is a detailed technical analysis of multiple vulnerabilities in Pro-face Pro-Server EX and WinGP PC Runtime, including memory corruption, integer overflows, and unhandled exceptions. The writeup provides disassembly snippets, root cause analysis, and exploitation details but does not include functional exploit code.

Description

Integer overflow in Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service (daemon crash) via a crafted packet with a certain opcode that triggers an incorrect memory allocation and a buffer overflow.

Exploits (1)

exploitdb WRITEUP

doswindows

https://www.exploit-db.com/exploits/18878

View Code ZIP pw:eip

This is a detailed technical analysis of multiple vulnerabilities in Pro-face Pro-Server EX and WinGP PC Runtime, including memory corruption, integer overflows, and unhandled exceptions. The writeup provides disassembly snippets, root cause analysis, and exploitation details but does not include functional exploit code.

Classification

Writeup 100%

Attack Type

Other

Complexity

Moderate

Reliability

Theoretical

Target: Pro-face Pro-Server EX <= 1.30.000, WinGP PC Runtime <= 3.1.00

No auth needed

Prerequisites: Network access to the vulnerable service

MITRE ATT&CK