PowerTCP FTP module Multiple Technique Exploit ( SEH Overwrite + HeapSpray )

vendor:

FTP module

by:

Intel

8.8

CVSS

HIGH

SEH Overwrite + HeapSpray

N/A

CWE

Product Name: FTP module

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: N/A

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows XP SP2 IE7

2008

PowerTCP FTP module Multiple Technique Exploit ( SEH Overwrite + HeapSpray )

A vulnerability in PowerTCP FTP module was found by Intel in 2008. The exploit was written using HeapSpray technique, but it didn't work as the block of heap that contained the address changed after EIP pointed to it. The exploit was tested on Windows XP SP2 IE7.

Mitigation:

N/A

Source

PowerTCP FTP module Multiple Technique Exploit ( SEH Overwrite + HeapSpray )

Mitigation:

Exploit-DB raw data: