Microsoft Windows – Assembly Execution (MS12-005)

• Exploit Database
• 12 阅读

• 作者： Byoungyoung Lee
  日期： 2012-01-14
• 类别：

  • local
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/18372/

• # Exploit Title: MS12-005 : Microsoft Windows Assembly Execution Vulnerability
  # Date: 1/14/2012
  # Author: Byoungyoung Lee, http://exploitshop.wordpress.com
  # Version: Windows 7 32bit, fully patched until Jan 2012
  # Tested on: Windows 7 32bit
  # CVE : CVE-2012-0013
  
  PoC: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/18372.docm
  
  Open the document file, then allow the macro execution. This will
  execute python script (python interpreters are required).
  DEMO : http://www.youtube.com/watch?v=Odi6HiqzmL8&feature=youtu.be&hd=1