Immunity Canvas: IE_HELP

2010-03-03T19:30:00
ID IE_HELP
Type canvas
Reporter Immunity Canvas
Modified 2010-03-03T19:30:00

Description

Name| ie_help
---|---
CVE| CVE-2010-0483
Exploit Pack| CANVAS
Description| ie_help
Notes| CVE Name: CVE-2010-0483
VENDOR: Microsoft
Notes:
Use from httpserver with name ie_help.

Options are:
[message] - Message of the MessageBox to be displayed to the user
default: "Press F1 to stop this"
Must not be quoted, spaces are not allowed.

[title] - Title of the MessageBox to be displayed to the user
default: "Attention!"
Must not be quoted, spaces are not allowed.

[infiniteloop] - True/False, if the MessageBox should be launched
in an infinite loop
default: False

Example: [Arguments:] message:Press_F1! title:Hey infiniteloop=True

Use as root, need port 443 for SMB incoming connections.

Commandline usage example:
sudo ./exploits/httpserver/httpserver.py -v 1 -O singleexploit:ie_help -l 192.168.30.1 -d 5555 -p 80
./commandlineInterface.py -v 1 -p 5555

Repeatability: Infinite (client side - no crash)
MSADV: MS10-022
CVS URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0483
CVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0483
Date public: 03/01/2010
CVSS: 7.6