| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <200901280031.n0S0V9vB003580@www3.securityfocus.com> Date: Tue, 27 Jan 2009 17:31:09 -0700 From: jplopezy@...il.com To: bugtraq@...urityfocus.com Subject: Internet explorer 7.0 stack overflow Application: Internet explorer 7.0 OS: Windows xp - sp3 - full patch (windows vista don't work!) ------------------------------------------------------ 1 - Description 2 - Vulnerability 3 - POC/EXPLOIT ------------------------------------------------------ Description Internet explorer is a default browser of windows ------------------------------------------------------ Vulnerability The vulnerability is caused when you trying send some data, using a form. This caused a stack overflow with the possibility of running arbitrary code. The bug is in the module "shell32", when you analize with debug returns "stack overflow" and the memory address. ------------------------------------------------------ POC/EXPLOIT http://jplopezy.fortunecity.es/ietest.html ------------------------------------------------------ Juan Pablo Lopez Yacubian
Powered by blists - more mailing lists