CVE-2012-4054

CPE17 Autorun Killer < 1.7.1 - Buffer Overflow via Crafted INF File

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-4054. PoCs published by Xenithz xpt.

AI-analyzed exploit summary This exploit targets a stack buffer overflow in CPE17 Autorun Killer <= 1.7.1 via a maliciously crafted 'autorun.inf' file. It leverages a JMP ESP instruction to redirect execution to alphanumeric-encoded shellcode, achieving remote code execution when the file is processed.

Description

Buffer overflow in the readfile function in CPE17 Autorun Killer 1.7.1 and earlier allows physically proximate attackers to execute arbitrary code via a crafted inf file.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Xenithz xpt · rubylocalwindows
https://www.exploit-db.com/exploits/18792

This exploit targets a stack buffer overflow in CPE17 Autorun Killer <= 1.7.1 via a maliciously crafted 'autorun.inf' file. It leverages a JMP ESP instruction to redirect execution to alphanumeric-encoded shellcode, achieving remote code execution when the file is processed.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: CPE17 Autorun Killer <= 1.7.1
No auth needed
Prerequisites: Victim must process the malicious 'autorun.inf' file (e.g., via USB insertion)
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/18792
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/75238
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/81496
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/53286

Scores

EPSS 0.0116
EPSS Percentile 63.0%

Details

CWE
CWE-119
Status published
Products (1)
cpe17/autorun_killer < 1.7.1
Published Jul 25, 2012
Tracked Since Feb 18, 2026