This exploit demonstrates a buffer overflow vulnerability in IconLover v5.42, leveraging a JMP ESP instruction to redirect execution to a NOP sled followed by shellcode that spawns calc.exe. The payload is crafted to bypass bad characters and is delivered via a maliciously crafted input file.
Classification
Working Poc 95%
Target:
IconLover v5.42 and v5.45
No auth needed
Prerequisites:
Victim must open the maliciously crafted file in IconLover · Target system must be running Windows XP SP2 or a compatible environment