CVE-2012-1889 PoC — Microsoft XML Core Services缓冲区错误漏洞

Source

https://github.com/l-iberty/cve-2012-1889

Associated Vulnerability

Title:Microsoft XML Core Services缓冲区错误漏洞 (CVE-2012-1889)
Description:Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

Readme

- `heap_spray` 如何进行精准堆喷射
- `demo` 实战演示

File Snapshot


 [4.0K]  /data/pocs/965a5debd1748fb9516ee014dfa7133482c1555b
├── [4.0K]  demo
│   ├── [5.1K]  cve-2012-1889.html
│   ├── [4.0K]  doc
│   │   └── [1.0M]  CVE-2012-1889.pdf
│   ├── [4.0K]  images
│   │   ├── [ 16K]  1.png
│   │   └── [ 96K]  classid.png
│   ├── [1.6K]  README.md
│   └── [4.0K]  tool
│       └── [4.0K]  gen_shellcode
│           ├── [4.0K]  gen_shellcode
│           │   ├── [3.9K]  gen_shellcode.vcxproj
│           │   ├── [ 935]  gen_shellcode.vcxproj.filters
│           │   └── [4.1K]  main.cpp
│           ├── [ 963]  gen_shellcode.sln
│           └── [ 18K]  gen_shellcode.v12.suo
├── [4.0K]  heap_spray
│   ├── [ 39K]  demo.vsdx
│   ├── [4.0K]  images
│   │   ├── [2.8K]  1.png
│   │   ├── [7.4K]  2.png
│   │   ├── [ 11K]  3.png
│   │   ├── [9.1K]  4.png
│   │   ├── [3.2K]  5.png
│   │   ├── [4.0K]  6.png
│   │   └── [3.8K]  7.png
│   ├── [1.2K]  README.md
│   └── [4.0K]  scripts
│       └── [1.5K]  test.html
└── [  64]  README.md

9 directories, 21 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!