23 matches found
Microsoft Works 7 WkImgSrv.dll WKsPictureInterface() ActiveX Exploit
No description provided by source. $Id: msworkswkspictureinterface.rb 10477 2010-09-25 11:59:02Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...
Microsoft Works 7 - 'WkImgSrv.dll' WKsPictureInterface() ActiveX (Metasploit)
$Id: msworkswkspictureinterface.rb 10477 2010-09-25 11:59:02Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Microsoft Works 7 WkImgSrv.dll WKsPictureInterface() ActiveX Exploit
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Microsoft Works 7...
Microsoft Works WkImgSrv.dll ActiveX Control WksPictureInterface vulnerability
Added: 01/08/2009 CVE: CVE-2008-1898 BID: 28820 OSVDB: 44458 Background Microsoft Works is a suite of productivity tools for home users. Problem The WkImgSrv.dll ActiveX control included in Microsoft Works allows command execution when a user loads a web page which instantiates the control with a...
Microsoft Works 7 WkImgSrv.dll WKsPictureInterface() ActiveX Code Execution
The Microsoft Works ActiveX control WkImgSrv.dll could allow a remote attacker to execute arbitrary code on a system. By passing a negative integer to the WksPictureInterface method, an attacker could execute arbitrary code on the system with privileges of the victim. Change 168430090 /0X0A0A0A0A...
Microsoft Works 7 WkImgSrv.dll ActiveX Remote BOF Exploit
No description provided by source. !– The problem is in wkimgsrv.dll module shipped with many MS Offiice Suite tested on MS OF 2003,MS OF 2007 Actually,this is not the case of buffer overflow attack,just a exploit of insecure method WKsPictureInterface...
Microsoft Works 7 WkImgSrv.dll ActiveX控件远程代码执行漏洞
BUGTRAQ ID: 28820 Microsoft Works是微软在早期所发布的文件处理程序。 Microsoft Works所带的ActiveX控件实现上存在漏洞,远程攻击者可能利用此漏洞控制用户系统。 Microsoft Works所提供的wkimgsrv.dll库没有安全地调用WKsPictureInterface方式: 00D473BD PUSH EBP ; Begin of Set WksPictureInterface method 00D473BE MOV EBP,ESP 00D473C0 SUB ESP,1C 00D473C3 MOV EAX,DWORD PTR...
Microsoft Works 7 WkImgSrv.dll vulnerability-vulnerability warning-the black bar safety net
Many machines pre-loaded with works7, Works 7 WkImgSrv.dll controls overflow html head titleMicrosoft Works 7 WkImgSrv.dll crash POC/title script language="JavaScript" function payload var num = -1; obj. WksPictureInterface = num; /script /head body object...
mswork-insecure.txt
BKIS Research 21/04/2008 - Microsoft Work ActiveX Insecure Method Exploit - ====================================================================== Table of Contents Affected Software....................................................1...
Microsoft Works 7 - WkImgSrv.dll ActiveX Remote Buffer Overflow
Microsoft Works 7 - WkImgSrv.dll ActiveX Remote Buffer Overflow MOV ESI,DWORD PTR SS:EBP+8 ; Do some other stuffs, we don't care 00D473D8 LEA EDX,DWORD PTR SS:EBP-1C ; 00D473DB PUSH EDX 00D473DC PUSH EAX 00D473DD MOV DWORD PTR DS:ESI+2A0,EAX ; ============= 00D473E3 == MOV ECX,DWORD PTR DS:EAX ;...
Microsoft Works 7 WkImgSrv.dll ActiveX Remote BOF Exploit
Exploit for unknown platform in category remote exploits ========================================================= Microsoft Works 7 WkImgSrv.dll ActiveX Remote BOF Exploit ========================================================= MOV ESI,DWORD PTR SS:EBP+8 ; Do some other stuffs, we don't care...
Microsoft Works 7 - 'WkImgSrv.dll' ActiveX Remote Buffer Overflow
MOV ESI,DWORD PTR SS:EBP+8 ; Do some other stuffs, we don't care 00D473D8 LEA EDX,DWORD PTR SS:EBP-1C ; 00D473DB PUSH EDX 00D473DC PUSH EAX 00D473DD MOV DWORD PTR DS:ESI+2A0,EAX ; ============= 00D473E3 == MOV ECX,DWORD PTR DS:EAX ; Here is the problem,the data stored by EAX is referenced and mov...
Input validation
A certain ActiveX control in WkImgSrv.dll 7.03.0616.0, as distributed in Microsoft Works 7 and Microsoft Office 2003 and 2007, allows remote attackers to execute arbitrary code or cause a denial of service browser crash via an invalid WksPictureInterface property value, which triggers an improper...
DSquare Exploit Pack: D2SEC_WORKS7
Name| d2secworks7 ---|--- CVE| CVE-2008-1898 Exploit Pack| D2ExploitPack Description| Microsoft Works 7 WkImgSrv.dll ActiveX Remote Code Execution Vulnerability Notes|...
CVE-2008-1898
A certain ActiveX control in WkImgSrv.dll 7.03.0616.0, as distributed in Microsoft Works 7 and Microsoft Office 2003 and 2007, allows remote attackers to execute arbitrary code or cause a denial of service browser crash via an invalid WksPictureInterface property value, which triggers an improper...
CVE-2008-1898
CVE-2008-1898 affects the WkImgSrv.dll ActiveX control (WksPictureInterface) in Microsoft Works 7 and Microsoft Office 2003/2007. A boundary/argument handling flaw allows remote code execution or browser crash when an invalid WksPictureInterface value is processed, typically via a crafted web pag...
Microsoft Works 7 WkImgSrv.dll crash POC
No description provided by source. html head titleMicrosoft Works 7 WkImgSrv.dll crash POC/title script language="JavaScript" function payload var num = -1; obj.WksPictureInterface = num; /script /head body onload="JavaScript: return payload;"...
Microsoft Works 7 WkImgSrv.dll ActiveX Denial of Service PoC
No description provided by source. html head titleMicrosoft Works 7 WkImgSrv.dll crash POC/title script language="JavaScript" function payload var num = -1; obj.WksPictureInterface = num; /script /head body onload="JavaScript: return payload;"...
Microsoft Works 7 - 'WkImgSrv.dll' ActiveX Denial of Service (PoC)
Microsoft Works 7 WkImgSrv.dll crash POC function payload var num = -1; obj.WksPictureInterface = num; milw0rm.com 2008-04-17...
msworks-dos.txt
DLL VERSION 7.03.0616.0 TEST ON IE7+XPSP2CN MYBLOG:http://hi.baidu.com/nansec/ 0DAY? I don't know. POC: Microsoft Works 7 WkImgSrv.dll crash POC function payload var num = -1; obj.WksPictureInterface = num;...