[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Internet explorer 7.0 stack overflow
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: Internet explorer 7.0 stack overflow
- From: jplopezy@xxxxxxxxx
- Date: Tue, 27 Jan 2009 17:31:09 -0700
Application: Internet explorer 7.0
OS: Windows xp - sp3 - full patch (windows vista don't work!)
------------------------------------------------------
1 - Description
2 - Vulnerability
3 - POC/EXPLOIT
------------------------------------------------------
Description
Internet explorer is a default browser of windows
------------------------------------------------------
Vulnerability
The vulnerability is caused when you trying send some data, using a form.
This caused a stack overflow with the possibility of running arbitrary code.
The bug is in the module "shell32", when you analize with debug returns "stack
overflow" and the memory address.
------------------------------------------------------
POC/EXPLOIT
http://jplopezy.fortunecity.es/ietest.html
------------------------------------------------------
Juan Pablo Lopez Yacubian