Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: development of wordpad exploit

From: keydet89 () YAHOO COM (Harlan Carvey)
Date: Fri, 19 Nov 1999 09:12:10 -0800

<hypoclear () JUNGLE NET> wrote:

I light of the latest windows vulnerability in
wordpad, it would be great if in this forum we could
develop an exploit for it.  As of now details of the
vulnerability are on the net, however no exploit
exists yet.  This would be an excellent opportunity
for all of us who don't really know how to code
exploits (yet) to see all the details of developing
one.  Anyone else like this idea?!?


Ah, but an exploit does exist.  See the listing of the
vulnerability at the SecurityFocus site.

Want an idea of how to use it?  The AeDebug key, by
default, allows Everyone write-access.  Cool.  Change
the data of the Debugger value to point to the User
Manager executable.  That's all it takes.

Carv
__________________________________________________
Do You Yahoo!?
Bid and sell for free at http://auctions.yahoo.com
Previous By Date Next
Previous By Thread Next

Current thread: