/*****************************************************************************

* Microsoft Windows .doc File Malformed Pointers DoS *

* *

* *

* *

* Just move your mouse on the file and explorer crashes. If it does not try *

* to look at file properties. *

* Bug comes from Ole32.dll: *

* CMP DWORD PTR DS:[EAX EBX],3 and we can set EAX, EDX and ESI with arbitrary *

* values. *

* *

* Check the file, magic offsets are *

* 4460 -> EDX *

* 4519 -> ESI *

* *

* *

* Successfully tested on Windows 2000 SP4 FR and XP SP2 FR. *

* *

* Coded by Marsu <MarsupilamiPowa@hotmail.fr> *

*****************************************************************************/

【MS Windows (.doc File) Malformed Pointers Denial of Service Exploit】相关文章：

★ Scripteen Free Image Hosting Script 1.2 (cookie) Pass Grabber Exploit

★ BlazeDVD 5.0 PLF Playlist File Remote Buffer Overflow Exploit

★ Ultra Office ActiveX Control Remote Arbitrary File Corruption Exploit

★ jSite 1.0 OE (SQL/LFI) Multiple Remote Vulnerabilities

★ FreeBSD mcweject 0.9 (eject) Local Root Buffer Overflow Exploit

★ BoonEx Ray 3.5 (sIncPath) Remote File Inclusion Vulnerability

★ moziloCMS 1.10.1 (download.php) Arbitrary Download File Exploit

★ Microsoft Access (Snapview.ocx 10.0.5529.0) ActiveX Remote Exploit

★ Maxthon Browser 2.1.4.443 UNICODE Remote Denial of Service PoC

★ Debian Sarge Multiple IMAP Server Denial of Service Exploit