Microsoft Internet Explorer 11 (Windows 10) – VBScript Memory Corruption (MS16-051)

Exploit Database
19 阅读

作者： Brian Pak

日期： 2016-06-22
类别：
- local
平台：
- windows
来源：https://www.exploit-db.com/exploits/40118/

Source: https://github.com/theori-io/cve-2016-0189

# CVE-2016-0189
Proof-of-Concept exploit for CVE-2016-0189 (VBScript Memory Corruption in IE11)

Tested on Windows 10 IE11.

### Write-up
http://theori.io/research/cve-2016-0189

### To run
1. Download `support/*.dll` (or compile \*.cpp for yourself) and `exploit/*.html` to a directory.
2. Serve the directory using a webserver (or python's simple HTTP server).
3. Browse with a victim IE to `vbscript_bypass_pm.html`.
4. (Re-fresh or re-open in case it doesn't work; It's not 100% reliable.)

Exploit-DB Mirror: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/40118.zip

last Exploits
Microsoft Internet Explorer 11 (Windows 10) – VBScript Memory Corruption (MS16-051)的更多信息

TeamViewer 11.0.65452 (x64) – Local Credentials Disclosure：
Chromium 83 – Full CSP Bypass：
logrotten 3.15.1 – Privilege Escalation：
Linux Kernel < 3.5.0-23 (Ubuntu 12.04.2 x64) - 'SOCK_DIAG' SMEP Bypass Local Privilege Escalation：
Naenara Browser 3.5 (RedStar 3.0 Desktop) – ‘JACKRABBIT’ Client-Side Command Execution：
Thomson Reuters Fixed Assets CS 13.1.4 – Local Privilege Escalation：
ScanGuard Antivirus 2020 – Insecure Folder Permissions：
Dynojet Power Core 2.3.0 – Unquoted Service Path：