vbscript.dll regular expression object (RegExp) memory leak

Hello, The following vbscript, which uses the RegExp object, causes memory leak tested under Windows XP SP2 with Script Engine V5.6; when you run it, locate the associated wscript.exe or cscript.exe process in the Windows task manager, then click "OK" in the "Start" message box, and see how the...

CVE-2004-0212

Stack-based buffer overflow in the Task Scheduler for Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0, allows local or remote attackers to execute arbitrary code via a .job file containing long parameters, as demonstrated using Internet Explorer and accessing a .job file on an...

Microsoft Windows XP - Task Scheduler '.job' Universal (MS04-022)

/ HOD-ms04022-task-expl.c: MS04-022 Microsoft Windows XP Task Scheduler .job Universal Exploit Exploit version 0.1 coded by .:: houseofdabus ::. at inbox dot ru ------------------------------------------------------------------- Tested on: - Internet Explorer 6.0 SP1 iexplore.exe - Explorer...

Microsoft Windows XP - Task Scheduler .job Universal (MS04-022)

Microsoft Windows XP - Task Scheduler .job Universal MS04-022 / HOD-ms04022-task-expl.c: MS04-022 Microsoft Windows XP Task Scheduler .job Universal Exploit Exploit version 0.1 coded by .:: houseofdabus ::. at inbox dot ru ------------------------------------------------------------------- Tested...

MS Windows XP Task Scheduler (.job) Universal Exploit (MS04-022)

Exploit for unknown platform in category local exploits ================================================================ MS Windows XP Task Scheduler .job Universal Exploit MS04-022 ================================================================ / HOD-ms04022-task-expl.c: MS04-022 Microsoft...

MS04-022: Microsoft Windows Task Scheduler Remote Overflow (841873) (uncredentialed check)

There is a flaw in the Task Scheduler application which could allow a remote attacker to execute code remotely. There are many attack vectors for this flaw. An attacker, exploiting this flaw, would need to either have the ability to connect to the target machine or be able to coerce a local user ...

Microsoft Windows Task Scheduler (XP/2000) - '.job' (MS04-022)

// // Microsoft Windows 2K/XP Task Scheduler Vulnerability MS04-022 // Proof-of-Concept Exploit for English WinXP SP1 // 15 Jul 2004 // // Running this will create a file "j.job". When explorer.exe or any // file-open dialog box accesses the directory containing this file, // notepad.exe will be...

Microsoft Windows Task Scheduler (XP2000) - .job (MS04-022)

Microsoft Windows Task Scheduler XP2000 - .job MS04-022 // // Microsoft Windows 2K/XP Task Scheduler Vulnerability MS04-022 // Proof-of-Concept Exploit for English WinXP SP1 // 15 Jul 2004 // // Running this will create a file "j.job". When explorer.exe or any // file-open dialog box accesses the...

MS Windows 2K/XP Task Scheduler .job Exploit (MS04-022)

Exploit for unknown platform in category local exploits ======================================================= MS Windows 2K/XP Task Scheduler .job Exploit MS04-022 ======================================================= // // Microsoft Windows 2K/XP Task Scheduler Vulnerability MS04-022 //...

CVE-2004-0212

CVE-2004-0212 describes a stack-based buffer overflow in the Windows Task Scheduler (mstask) that affects Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0. The vulnerability occurs in how Task Scheduler handles long parameters in .job files, allowing a remote or local attacker to ex...

CVE-2004-0212

Stack-based buffer overflow in the Task Scheduler for Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0, allows local or remote attackers to execute arbitrary code via a .job file containing long parameters, as demonstrated using Internet Explorer and accessing a .job file on an...

Microsoft Security Bulletin MS04-022 Vulnerability in Task Scheduler Could Allow Code Execution (841873)

Microsoft Security Bulletin MS04-022 Vulnerability in Task Scheduler Could Allow Code Execution 841873 Issued: July 13, 2004 Version: 1.0 Summary Who should read this document: Customers who use Microsoft® Windows® Impact of Vulnerability: Remote Code Execution Maximum Severity Rating: Critical...

Microsoft Windows Task Scheduler '.job' Stack Overflow

NGSSoftware Insight Security Research Advisory Name: Microsoft Windows Task Scheduler '.job' Stack Overflow Confirmed Systems Affected: Microsoft Windows XP Systems Reportedly Affected: Windows 2000 and Windows NT SP6 with Microsoft Internet Explorer 6. Severity: Critical Vendor URL:...

Microsoft Windows Task Scheduler buffer overflow

Buffer overflow during .job files parsing...

Microsoft Windows Task Scheduler Buffer Overflow

Overview Microsoft Windows Task Scheduler has a buffer overflow that may allow a remote or local intruder to execute arbitrary code. Description Microsoft Windows Task Scheduler Mstask.dll is a COM-based API ActiveX control that provides a scheduling service for executing arbitrary commands on a...

Microsoft Windows Task Scheduler Remote Buffer Overflow Vulnerability

Description Microsoft Task Scheduler is reported prone to a remote stack-based buffer overflow vulnerability. The source of the vulnerability is that data in '.job' files is copied into an internal buffer without sufficient bounds checking. It is reported that a remote attacker may exploit this...

MS04-022: Task Scheduler Vulnerability (841873)

The remote host is running a version of Windows which contains a flaw in the task scheduler that could lead to arbitrary execution of commands on the remote host. To exploit this vulnerability, an attacker would need to lure a user on the remote host to take certain steps to execute a .job file, ...

CVE-2003-0909

Windows XP allows local users to execute arbitrary programs by creating a task at an elevated privilege level through the eventtriggers.exe command-line tool or the Task Scheduler service, aka "Windows Management Vulnerability."...

CVE-2003-0909

Windows XP allows local users to execute arbitrary programs by creating a task at an elevated privilege level through the eventtriggers.exe command-line tool or the Task Scheduler service, aka "Windows Management Vulnerability."...

CVE-2003-0909

Concrete details show CVE-2003-0909 (Windows Management Vulnerability) affects Windows XP: a local attacker can create elevated-privilege tasks via eventtriggers.exe or Task Scheduler to execute arbitrary code. The MS04-011 bulletin documents the vulnerability and remediation: exploitation requir...