CVE-2012-3794

Pro-face Pro-Server EX < 1.30.000 and WinGP PC Runtime < 3.1.00 - Denial of Service via Crafted Packet

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-3794.

AI-analyzed exploit summary This is a detailed technical analysis of multiple vulnerabilities in Pro-face Pro-Server EX and WinGP PC Runtime, including memory corruption, integer overflow, and unhandled exceptions. The writeup provides disassembly snippets and root cause analysis but does not include functional exploit code.

Description

Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service (unhandled exception and daemon crash) via a crafted packet with a certain opcode that triggers an invalid attempt to allocate a large amount of memory.

Exploits (1)

exploitdb WRITEUP

doswindows

https://www.exploit-db.com/exploits/18878

View Code ZIP pw:eip

This is a detailed technical analysis of multiple vulnerabilities in Pro-face Pro-Server EX and WinGP PC Runtime, including memory corruption, integer overflow, and unhandled exceptions. The writeup provides disassembly snippets and root cause analysis but does not include functional exploit code.

Classification

Writeup 100%

Attack Type

Other

Complexity

Moderate

Reliability

Theoretical

Target: Pro-face Pro-Server EX <= 1.30.000, WinGP PC Runtime <= 3.1.00

No auth needed

Prerequisites: Network access to the target server

MITRE ATT&CK