{"vulnerability": "CVE-2023-34312", "sightings": [{"uuid": "9b3766b6-ec14-407b-bc33-62b3c8028393", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34312", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4878", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1a\u590d\u73b0CVE-2023-34312\u6240\u9700\u7684\u4e24\u4e2a\u6076\u610fdll\u6587\u4ef6\nURL\uff1ahttps://github.com/lan1oc/CVE-2023-34312-exp\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-07T13:15:02.000000Z"}, {"uuid": "0c09bac0-3aea-4272-9c91-ee9112d9a0b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34312", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/977", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-34312\n\ud83d\udd39 Description: In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process communication, which leads to a write-what-where condition.\n\ud83d\udccf Published: 2023-06-01T00:00:00\n\ud83d\udccf Modified: 2025-01-09T17:04:11.829Z\n\ud83d\udd17 References:\n1. https://github.com/vi3t1/qq-tim-elevation", "creation_timestamp": "2025-01-09T17:17:24.000000Z"}, {"uuid": "29837484-0f0b-46fb-9bb4-7835bccbb550", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34312", "type": "seen", "source": "https://t.me/arpsyndicate/18", "content": "#ExploitObserverAlert\n\nCVE-2023-34312\n\nDESCRIPTION: Exploit Observer has 7 entries related to CVE-2023-34312. In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process communication, which leads to a write-what-where condition.\n\nFIRST-EPSS: 0.000430000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-11-09T12:08:37.000000Z"}]}