CVE-2012-3795

Pro-face Pro-Server EX < 1.30.000 and WinGP PC Runtime < 3.1.00 - Denial of Service via Crafted Packet

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-3795.

AI-analyzed exploit summary This is a detailed technical analysis of multiple vulnerabilities in Pro-face Pro-Server EX and WinGP PC Runtime, including memory corruption, integer overflow, and unhandled exceptions. The writeup provides disassembly snippets and explains the root causes but does not include functional exploit code.

Description

Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service (daemon crash) via a crafted packet with a certain opcode and a large value in a size field.

Exploits (1)

exploitdb WRITEUP

doswindows

https://www.exploit-db.com/exploits/18878

View Code ZIP pw:eip

This is a detailed technical analysis of multiple vulnerabilities in Pro-face Pro-Server EX and WinGP PC Runtime, including memory corruption, integer overflow, and unhandled exceptions. The writeup provides disassembly snippets and explains the root causes but does not include functional exploit code.

Classification

Writeup 100%

Attack Type

Other

Complexity

Moderate

Reliability

Theoretical

Target: Pro-face Pro-Server EX <= 1.30.000, WinGP PC Runtime <= 3.1.00

No auth needed

Prerequisites: Network access to the vulnerable service

MITRE ATT&CK