CVE-2012-4552

PLIB 1.8.5 - Stack-Based Buffer Overflow in ssgParser Error Function

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-4552. PoCs published by Andrés Gómez.

AI-analyzed exploit summary This exploit generates a malformed ASE file to trigger a stack-based buffer overflow in Plib's ssgParser.cxx, leading to arbitrary code execution via a shellcode payload. It targets the 3dconvert utility in FlightGear by crafting a corrupted file that exploits the vulnerability when processed.

Description

Stack-based buffer overflow in the error function in ssg/ssgParser.cxx in PLIB 1.8.5 allows remote attackers to execute arbitrary code via a crafted 3d model file that triggers a long error message, as demonstrated by a .ase file.

Exploits (1)

exploitdb WORKING POC

by Andrés Gómez · clocalwindows

https://www.exploit-db.com/exploits/21831

View Code ZIP pw:eip

This exploit generates a malformed ASE file to trigger a stack-based buffer overflow in Plib's ssgParser.cxx, leading to arbitrary code execution via a shellcode payload. It targets the 3dconvert utility in FlightGear by crafting a corrupted file that exploits the vulnerability when processed.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Plib 1.8.5 (via FlightGear's 3dconvert utility)

No auth needed

Prerequisites: FlightGear's 3dconvert utility installed · Ability to deliver the malicious ASE file to the target

MITRE ATT&CK