Viscomsoft Calendar Active-X 2.0 - Multiple Crash PoCs

2016-03-01T00:00:00
ID EDB-ID:39512
Type exploitdb
Reporter Shantanu Khandelwal
Modified 2016-03-01T00:00:00

Description

Viscomsoft Calendar Active-X 2.0 Multiple Crash PoCs. Dos exploit for windows platform

                                        
                                            # Exploit Title: Viscomsoft Calendar Active-X 2.0 - Multiple Crash PoCs
# Date: 01-03-2016
# Exploit Author: Shantanu Khandelwal  Twitter: @shantanu561993 <shantanu561993@gmail.com>
# Vendor Homepage: http://www.viscomsoft.com/
# Software Link: http://www.viscomsoft.com/downloads/calendar.html
# Version: 2.0
# Tested on: Windows XP IE-8 , Windows 7 IE-8

Multiple Vulnerabilities found in calender.ocx file
Multiple Access violations

POC: 

https://www.dropbox.com/s/rtakkmw9ru55lbn/CALENDARLib.zip?dl=0
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/39512.zip