CVE-2012-4992

FlashFXP 4.2 - Authenticated Remote Code Execution via Long Unicode String to TListbox or TComboBox

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-4992. PoCs published by Vulnerability-Lab.

AI-analyzed exploit summary: The document describes a buffer overflow vulnerability in FlashFXP v4.1.8.1701, triggered by manipulating the Skip-List filter with a large Unicode string, leading to ECX and EIP overwrite. It includes detailed steps for reproduction and crash logs but lacks executable exploit code.

Description

Multiple buffer overflows in FlashFXP.exe in FlashFXP 4.2 allow remote authenticated users to execute arbitrary code via a long Unicode string to (1) TListbox or (2) TComboBox.

Exploits (1)

exploitdb WRITEUP
by Vulnerability-Lab · text · remote · windows
https://www.exploit-db.com/exploits/18555


Classification: Writeup 90%
Attack Type: RCE
Complexity: Moderate
Reliability: Theoretical
Target: FlashFXP v4.1.8.1701
No auth needed
Prerequisites: Local or remote access to FlashFXP client · Ability to modify Skip-List filter settings
devstral-2 · analyzed Feb 16, 2026

References (8)

Core References
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/18555
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/79767
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/73626
Exploit mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2012-03/0002.html
Exploit mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2012/Mar/7
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/52259

Scores

EPSS: 0.1769
EPSS Percentile: 96.8%

Details

CWE: CWE-119
Status: published
Products (1): flashfxp/flashfxp 4.2
Published: Sep 19, 2012
Tracked Since: Feb 18, 2026