[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[FD] Multiple Buffer Overflows in .NetFramework v4.03 - Win 8.0 Pro - x64
- To: "Full Disclosure. Mailing list" <fulldisclosure@xxxxxxxxxxxx>
- Subject: [FD] Multiple Buffer Overflows in .NetFramework v4.03 - Win 8.0 Pro - x64
- From: Nick Prowse <nick_prowse34@xxxxxxxxxxx>
- Date: Sun, 15 Mar 2015 13:35:16 +0000 (UTC)
Multiple Buffer Overflows in .NetFramework v4.03
Researcher: Nicholas Prowse
Filename: ngen.exe
MD5: ca72696a9861f14cf76f1637b8e6bc44File size: 139264 bytes
Operating System: Windows 8.0
OS Version: Pro
Architecture: x64
Description: MS Common Language Runtime Native Compiler
Image Path: C:\Windows\.Microsoft.NET\Frameworkv4.0.30319\ngen.exe
Operations (Registry Activity): RegQueryValue and RegEnumKey
Registry Keys referenced:
-
HKLM\SOFTWARE\Wow3264Node\Microsoft\.NetFramework\v2.0.50727\NGenService\Roots
and its Subkeys
- HKLM\SOFTWARE\Microsoft\.NetFramework\v2.0.50727\NGenService\Roots and its
SubKeys
- HKU\.Default\Control Panel\Desktop\MuiCached\MachinePreferedUILanguages
Proof-of-concept or exploit code: None availableImpact: Not yet known
Steps to reproduce:Install Windows 8.0 x64 from disk. Once installed started
capture with Procmon v3.1. Started Diagnostic Troubleshooting Wizard. Multiple
entries with "Buffer overflow" visible in Process Monitor capture.
Further info:Pml file of capture is available for further investigation
including possible Stack Trace.- The same .pml file contains Diagnostic
Troubleshooting Wizard Buffer overflows that has been reported to Microsoft via
email separately.
Timeline:
The issue has been made publicly available on 11/03/2015 on
www.nicholasprowse.co.uk/vulnerability-research.htmlEmailed MS on
12/03/2015.Received email from MSRC on 12/03/2015 opening case.
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/