[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    [Full-disclosure] Virtual PC 2007 BUG
From:       Walied Assar <waliedassar () gmail ! com>
Date:       2012-10-31 13:14:42
Message-ID: CANxSaHDqf5EFrDeJ4bbre+oBm-cnTxHL7QbeHO_T-fTPUVZr3g () mail ! gmail ! com
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


Hello,

I have found a bug in Virtual PC 2007 that may be considered as some kind
of Denial Of Service. Any user can execute certain sequence of x86
instructions to force the the VM to restart.

Description:
http://waleedassar.blogspot.com/2012/10/virtual-pc-machine-reset.html

POC:
http://code.google.com/p/ollytlscatch/downloads/detail?name=VirtualPC_IntError.exe

N.B. I have not tested any other Virtualization Product from the same
vendor. The bug is confirmed only on Virtual PC 2007 6.0.156.0.

Kind Regards
Waliedassar
http://www.twitter.com/waleedassar

[Attachment #5 (text/html)]

<div dir="ltr">Hello,<br><br>I have found a bug in Virtual PC 2007 that may be considered 
as some kind of Denial Of Service. Any user can execute certain sequence of x86 instructions to \
force the the VM to restart.<br><br>Description:<br><a \
href="http://waleedassar.blogspot.com/2012/10/virtual-pc-machine-reset.html" \
target="_blank">http://waleedassar.blogspot.com/2012/10/virtual-pc-machine-reset.html</a><br>

<br>POC:<br><a href="http://code.google.com/p/ollytlscatch/downloads/detail?name=VirtualPC_IntError.exe" \
target="_blank">http://code.google.com/p/ollytlscatch/downloads/detail?name=VirtualPC_IntError.exe</a><br>
 <br>N.B. I have not tested any other Virtualization Product from the same vendor. The bug is \
confirmed only on Virtual PC 2007 6.0.156.0.<br><br>Kind Regards<br>Waliedassar<br><a \
href="http://www.twitter.com/waleedassar" \
target="_blank">http://www.twitter.com/waleedassar</a></div>



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic