[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Windows (XP SP2) Remote code executionwithparameters

To: <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: Re: [Full-Disclosure] Windows (XP SP2) Remote code executionwithparameters
From: "morning_wood" <se_cur_ity@xxxxxxxxxxx>
Date: Tue, 28 Dec 2004 07:05:45 -0800

> hhctrl.ocx is not installed by default in all SP1s but is on all SP2.
> Therefore when the exploit page tries to create the object he cannot
> find it so it tries to install it. On SP2 it exists by default therefore
> created silently.

i replied to this because of this statement by the O.P..

"Any system running any Microsoft Windows XP edition with Internet Explorer
6
or higher, even with SP2 applied."
this suggests that all XP are affected by default, including sp2.

cheers,

m.w

p.s. I have noticed that the final pre-release of SP2 is much better ( in my
experience )
performance and security wise. ( and it retains raw sockets ). In SP2rc2,
IE6 popup
blocker stopped the PoC at default settings.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: Re: [Full-Disclosure] /bin/rm file access vulnerability
Next by Date: Re: [Full-Disclosure] Heap overflow in Mozilla Browser <= 1.7.3 NNTP code.
Previous by thread: [Full-Disclosure] (no subject)
Next by thread: RE: [Full-Disclosure] List of worm and trojan files
Index(es):
- Date
- Thread