CVE-2018-15832 PoC — Ubisoft Uplay Desktop Client 安全漏洞

Source

https://github.com/JacksonKuo/ubisoft-uplay-desktop-client-63.0.5699.0

Associated Vulnerability

Title:Ubisoft Uplay Desktop Client 安全漏洞 (CVE-2018-15832)
Description:Ubisoft Uplay Desktop Client是法国育碧娱乐（Ubisoft Entertainment）软件公司的一套游戏平台的桌面客户端应用程序。该平台包含了PC游戏大厅和在线销售平台，支持PC玩家以此为大厅彼此连结，进行各种游戏间的互动，并提供玩家线上的游戏销售服务。 Ubisoft Uplay Desktop Client 63.0.5699.0版本中的upc.exe文件存在安全漏洞，该漏洞源于程序在使用用户提交的字符串执行系统调用之前，没有对其进行验证。远程攻击者可借助恶意的页面或文件

Description

CVE-2018-15832

Readme

# ubisoft-uplay-desktop-client-63.0.5699.0

File Snapshot


 [4.0K]  /data/pocs/06fca2323e30adb4ac5450153f7efb770280bf75
├── [  43]  README.md
└── [ 69M]  UplayInstaller.exe

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!