Microsoft Internet Explorer - COM CreateObject Code Execution (MS06-014/MS06-073) (Metasploit)

$Id: iecreateobject.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framewor...

Internet Explorer COM CreateObject Code Execution

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3...

MS06-014 Microsoft Internet Explorer COM CreateObject Code Execution

This module exploits a generic code execution vulnerability in Internet Explorer by abusing vulnerable ActiveX objects. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule HttpClients::IE, In badly...

Microsoft Visual Studio “WMI Object Broker”控件代码执行漏洞（MS06-073）

Microsoft Visual Studio是微软公司的开发工具套件系列产品，是一个基本完整的开发工具集，包括了软件整个生命周期中所需要的大部分工具。 Visual Studio的"WMI Object Broker"控件在例程的创建和处理上存在漏洞，远程攻击者可能利用此漏洞在用户机器上执行任意恶意代码。 Visual Studio所捆绑的WMI Object Broker ActiveX控件允许创建系统上已有的ActiveX控件例程。以这种方式创建的ActiveX对象会绕过ActiveX安全限制，如忽略kill bit和safe for...

MS06-073: Vulnerability in Visual Studio 2005 Could Allow Remote Code Execution (925674)

The remote host is running a version of Microsoft Visual Studio 2005 that is vulnerable to a buffer overflow when handling malformed WMI request in the ActiveX component. An attacker may exploit this flaw to execute arbitrary code on this host, by entice a use to visit a specially crafter web pag...