Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

MFC Overflow Test Code

From: "Matthew Murphy" <mattmurphy () kc rr com>
Date: Fri, 12 Jul 2002 18:53:30 -0500
I have been working on a piece of test code for the MFC
buffer overflow reported in BID 5188.  The code has now
been completed.

The exploit is simply a DoS exploit that will overwrite heap
data in a vulnerable ISAPI with 0x41 characters ('A').

The overwritten data contains pointers accessed by MFC42.DLL,
usually resulting in an access violation.

Exploit Code: http://www.murphy.101main.net/mfcisapi.c
Advisory: http://www.murphy.101main.net/vulns/2002-12.shtml

"The reason the mainstream is thought
of as a stream is because it is
so shallow."
                     - Author Unknown
Previous By Date Next
Previous By Thread Next

Current thread: