Full Disclosure mailing list archives
Re: Microsoft Windows LoadImage API IntegerBuffer overflow
From: "Berend-Jan Wever" <skylined () edup tudelft nl>
Date: Sat, 25 Dec 2004 20:57:41 +0100 (CET)
Since the exploit published by flashsky is a rip off of my IE exploit script published in the IFRAME exploit, it will probably be caught by some IDS/AV signatures as being the IFRAME exploit. Cheers, SkyLined
This vul can be exploited, at http://www.xfocus.net/flashsky/icoExp/index.html ,i give a test exp(open 28876 port) for windows xp sp1, but it need html sctipt run and allocate memory. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Microsoft Windows LoadImage API IntegerBuffer overflow Berend-Jan Wever (Jan 04)