CVE-2012-3796

Pro-face Pro-Server EX < 1.30.000 & WinGP PC Runtime < 3.1.00 - Sensitive Info Exposure via Crafted Packet

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-3796.

AI-analyzed exploit summary This is a detailed technical analysis of multiple vulnerabilities in Pro-face Pro-Server EX and WinGP PC Runtime, including memory corruption, integer overflow, and unhandled exceptions. The writeup provides disassembly snippets and explains the root causes but does not include functional exploit code.

Description

Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to obtain sensitive information from daemon memory via a crafted packet with a certain opcode.

Exploits (1)

exploitdb WRITEUP

doswindows

https://www.exploit-db.com/exploits/18878

View Code ZIP pw:eip

This is a detailed technical analysis of multiple vulnerabilities in Pro-face Pro-Server EX and WinGP PC Runtime, including memory corruption, integer overflow, and unhandled exceptions. The writeup provides disassembly snippets and explains the root causes but does not include functional exploit code.

Classification

Writeup 100%

Attack Type

Other

Complexity

Moderate

Reliability

Theoretical

Target: Pro-face Pro-Server EX <= 1.30.000, WinGP PC Runtime <= 3.1.00

No auth needed

Prerequisites: Network access to the vulnerable service

MITRE ATT&CK