Microsoft Windows GDI - Image Parsing Stack Overflow Exploit MS08-021

2008-04-14T00:00:00
ID EDB-ID:5442
Type exploitdb
Reporter Lamhtz
Modified 2008-04-14T00:00:00

Description

MS Windows GDI Image Parsing Stack Overflow Exploit (MS08-021). CVE-2008-1083,CVE-2008-1087. Local exploit for windows platform

                                        
                                            /////////////////////////////////////////////////////////////
///Exploit the MS08-021 : Stack Overflow on GDI API
///Author: Lamhtz
///Date: April 14th, 2008
///Usage: <appname.exe> [filename]
///Function: Generate a crafted emf file which could 
///          automatically run calc.exe in Win2kSP4 CHS Version
///			 with MS07-046 patched but no MS08-021 is installed.
///			 In Windows XP SP2, explorer.exe will crashed but
///          calc will not be run.
/////////////////////////////////////////////////////////////

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/5442.zip (2008-exploit_08021.zip)

// milw0rm.com [2008-04-14]