E17-0wj91
CVSS:
7.5 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
False Positive:
f
Variants:
1
Year:
2017
Description
This strike exploits a stack buffer overflow vulnerability in Easy File Sharing Web Server.
The vulnerability is due to a lack of boundary checking on user input when requesting sendmail.ghp resource.
By exploiting this vulnerability, an attacker could execute arbitrary code in the security context of user.
NOTE: Strike will launch calc.exe when run in OneArm mode. Verified against Easy File Sharing Web Server Version 7.2 running on Windows 7 x86 with DEP and ASLR disabled.