| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 6 Jul 2006 12:52:49 +0500 From: naveed <naveedafzal@...il.com> To: "nanika@...oot.org" <nanika@...oot.org> Cc: bugtraq@...urityfocus.com Subject: Re: Windows Explorer URL File format overflow in fact if you drop the file in any folder and try to browse that folder the explorer will crash , even further if you try to browse that folder from a File Open Dialog box within any application , the application itself will crash. On 5 Jul 2006 05:53:52 -0000, nanika@...oot.org <nanika@...oot.org> wrote: > Windows Explorer URL File format overflow > > > > Affected Vendor: > > Microsoft > > > Affected Products: > > WindowsXP ALL > > Windows2003 ALL > > > > Vulnerability Details: > > > When explorer.exe parsing *.url file which contains a url as follows format will cause explorer.exe crash. > > > > > > if you create the Exploit.url on Desktop > > > Explorer will Crash...Crash...Crash...Crash...Crash...Crash... > > > > if you will del exploit.url > > open taskmgr.exe > > open cmd.exe > > > then cd your desktop > > > del exploit.url > > > > > > Exploit: > > > [InternetShortcut] > > url=file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file: > > > > Attachment: > > http://hitcon.org/Nanika-desktop_explore_0day.rar > > you can drop in desktop :P > > > > http://hitcon.org > > http://www.chroot.org >
Powered by blists - more mailing lists