Exploit Microsoft Infotech Storage Library - Heap Corruption

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
27850
Проверка EDB
  1. Пройдено
Автор
RUBEN SANTAMARTA
Тип уязвимости
DOS
Платформа
WINDOWS
CVE
cve-2006-2297
Дата публикации
2006-05-09
Код:
source: https://www.securityfocus.com/bid/17926/info

Microsoft Windows is susceptible to a heap-corruption vulnerability while attempting to read specially crafted CHM or ITS files. This occurs in the 'ITSS.DLL' library.

This vulnerability allows remote attackers to execute arbitrary machine code in the context of applications using the affected library.

Attackers may exploit this issue by coercing users to open malicious CHM or ITS files with Internet Explorer, or when users try to decompile such files using the 'hh -decompile' command. CHM files are considered unsafe files, so there is a possibility that advanced users or security researchers may try to decompile these files to inspect their contents.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/27850.chm
 
Источник
www.exploit-db.com

Похожие темы