Full Disclosure mailing list archives

RE: Windows (XP SP2) Remote code execution with parameters

From: "Goencz, Otto" <OGoencz () ghi com>
Date: Tue, 28 Dec 2004 08:22:21 -0500

On my box, WinXP with SP2, the PoC worked as described...

-----Original Message-----
From: ShredderSub7 SecExpert [mailto:shreddersub7 () hotmail com] 
Sent: Monday, December 27, 2004 7:24 PM
To: full-disclosure () lists netsys com
Subject: [Full-disclosure] Windows (XP SP2) Remote code execution with
parameters

PoC (called CMDExe): http://www.freewebs.com/shreddersub7/htm.htm
Discussion: http://www.freewebs.com/shreddersub7/expl-discuss.htm

------------------Which systems are vulnerable?--------
Any system running any Microsoft Windows XP edition with Internet Explorer 6

or higher, even with SP2 applied.
Any system running any Microsoft Windows Server 2003 edition with Internet 
Explorer 6 or higher.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Windows (XP SP2) Remote code execution with parameters ShredderSub7 SecExpert (Jan 03)
- Message not available
  - Re: Windows (XP SP2) Remote code executionwithparameters Rafel Ivgi (Jan 03)
- <Possible follow-ups>
- RE: Windows (XP SP2) Remote code execution with parameters Goencz, Otto (Jan 06)