Full Disclosure mailing list archives
Re: Windows (XP SP2) Remote code executionwithparameters
From: "morning_wood" <se_cur_ity () hotmail com>
Date: Tue, 28 Dec 2004 07:05:45 -0800
hhctrl.ocx is not installed by default in all SP1s but is on all SP2. Therefore when the exploit page tries to create the object he cannot find it so it tries to install it. On SP2 it exists by default therefore created silently.
i replied to this because of this statement by the O.P.. "Any system running any Microsoft Windows XP edition with Internet Explorer 6 or higher, even with SP2 applied." this suggests that all XP are affected by default, including sp2. cheers, m.w p.s. I have noticed that the final pre-release of SP2 is much better ( in my experience ) performance and security wise. ( and it retains raw sockets ). In SP2rc2, IE6 popup blocker stopped the PoC at default settings. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Windows (XP SP2) Remote code execution withparameters morning_wood (Dec 27)
- Message not available
- Re: Windows (XP SP2) Remote code executionwithparameters morning_wood (Dec 28)
- Message not available