Lucene search
K

23 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

Microsoft Works 7 WkImgSrv.dll WKsPictureInterface() ActiveX Exploit

No description provided by source. $Id: msworkswkspictureinterface.rb 10477 2010-09-25 11:59:02Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2010/09/25 12:0 a.m.26 views

Microsoft Works 7 - 'WkImgSrv.dll' WKsPictureInterface() ActiveX (Metasploit)

$Id: msworkswkspictureinterface.rb 10477 2010-09-25 11:59:02Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2009/11/26 12:0 a.m.41 views

Microsoft Works 7 WkImgSrv.dll WKsPictureInterface() ActiveX Exploit

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Microsoft Works 7...

9.3CVSS6.5AI score0.52033EPSS
Exploits7
Saint
Saint
added 2009/01/08 12:0 a.m.42 views

Microsoft Works WkImgSrv.dll ActiveX Control WksPictureInterface vulnerability

Added: 01/08/2009 CVE: CVE-2008-1898 BID: 28820 OSVDB: 44458 Background Microsoft Works is a suite of productivity tools for home users. Problem The WkImgSrv.dll ActiveX control included in Microsoft Works allows command execution when a user loads a web page which instantiates the control with a...

9.3CVSS6.2AI score0.52033EPSS
Exploits7
Metasploit
Metasploit
added 2009/01/05 12:55 a.m.16 views

Microsoft Works 7 WkImgSrv.dll WKsPictureInterface() ActiveX Code Execution

The Microsoft Works ActiveX control WkImgSrv.dll could allow a remote attacker to execute arbitrary code on a system. By passing a negative integer to the WksPictureInterface method, an attacker could execute arbitrary code on the system with privileges of the victim. Change 168430090 /0X0A0A0A0A...

8.1AI score
Exploits0
seebug.org
seebug.org
added 2008/05/11 12:0 a.m.26 views

Microsoft Works 7 WkImgSrv.dll ActiveX Remote BOF Exploit

No description provided by source. !– The problem is in wkimgsrv.dll module shipped with many MS Offiice Suite tested on MS OF 2003,MS OF 2007 Actually,this is not the case of buffer overflow attack,just a exploit of insecure method WKsPictureInterface...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/05/07 12:0 a.m.13 views

Microsoft Works 7 WkImgSrv.dll ActiveX控件远程代码执行漏洞

BUGTRAQ ID: 28820 Microsoft Works是微软在早期所发布的文件处理程序。 Microsoft Works所带的ActiveX控件实现上存在漏洞,远程攻击者可能利用此漏洞控制用户系统。 Microsoft Works所提供的wkimgsrv.dll库没有安全地调用WKsPictureInterface方式: 00D473BD PUSH EBP ; Begin of Set WksPictureInterface method 00D473BE MOV EBP,ESP 00D473C0 SUB ESP,1C 00D473C3 MOV EAX,DWORD PTR...

6.7AI score
Exploits0
myhack58
myhack58
added 2008/05/04 12:0 a.m.14 views

Microsoft Works 7 WkImgSrv.dll vulnerability-vulnerability warning-the black bar safety net

Many machines pre-loaded with works7, Works 7 WkImgSrv.dll controls overflow html head titleMicrosoft Works 7 WkImgSrv.dll crash POC/title script language="JavaScript" function payload var num = -1; obj. WksPictureInterface = num; /script /head body object...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2008/05/02 12:0 a.m.39 views

mswork-insecure.txt

BKIS Research 21/04/2008 - Microsoft Work ActiveX Insecure Method Exploit - ====================================================================== Table of Contents Affected Software....................................................1...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2008/05/02 12:0 a.m.21 views

Microsoft Works 7 - WkImgSrv.dll ActiveX Remote Buffer Overflow

Microsoft Works 7 - WkImgSrv.dll ActiveX Remote Buffer Overflow MOV ESI,DWORD PTR SS:EBP+8 ; Do some other stuffs, we don't care 00D473D8 LEA EDX,DWORD PTR SS:EBP-1C ; 00D473DB PUSH EDX 00D473DC PUSH EAX 00D473DD MOV DWORD PTR DS:ESI+2A0,EAX ; ============= 00D473E3 == MOV ECX,DWORD PTR DS:EAX ;...

1.1AI score
Exploits0
0day.today
0day.today
added 2008/05/02 12:0 a.m.26 views

Microsoft Works 7 WkImgSrv.dll ActiveX Remote BOF Exploit

Exploit for unknown platform in category remote exploits ========================================================= Microsoft Works 7 WkImgSrv.dll ActiveX Remote BOF Exploit ========================================================= MOV ESI,DWORD PTR SS:EBP+8 ; Do some other stuffs, we don't care...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/05/02 12:0 a.m.42 views

Microsoft Works 7 - 'WkImgSrv.dll' ActiveX Remote Buffer Overflow

MOV ESI,DWORD PTR SS:EBP+8 ; Do some other stuffs, we don't care 00D473D8 LEA EDX,DWORD PTR SS:EBP-1C ; 00D473DB PUSH EDX 00D473DC PUSH EAX 00D473DD MOV DWORD PTR DS:ESI+2A0,EAX ; ============= 00D473E3 == MOV ECX,DWORD PTR DS:EAX ; Here is the problem,the data stored by EAX is referenced and mov...

7.4AI score
Exploits0
Prion
Prion
added 2008/04/21 5:5 p.m.22 views

Input validation

A certain ActiveX control in WkImgSrv.dll 7.03.0616.0, as distributed in Microsoft Works 7 and Microsoft Office 2003 and 2007, allows remote attackers to execute arbitrary code or cause a denial of service browser crash via an invalid WksPictureInterface property value, which triggers an improper...

9.3CVSS8.2AI score0.52033EPSS
Exploits7References7Affected Software2
d2
d2
added 2008/04/21 5:5 p.m.65 views

DSquare Exploit Pack: D2SEC_WORKS7

Name| d2secworks7 ---|--- CVE| CVE-2008-1898 Exploit Pack| D2ExploitPack Description| Microsoft Works 7 WkImgSrv.dll ActiveX Remote Code Execution Vulnerability Notes|...

9.3CVSS3.3AI score0.52033EPSS
Exploits7
NVD
NVD
added 2008/04/21 5:5 p.m.31 views

CVE-2008-1898

A certain ActiveX control in WkImgSrv.dll 7.03.0616.0, as distributed in Microsoft Works 7 and Microsoft Office 2003 and 2007, allows remote attackers to execute arbitrary code or cause a denial of service browser crash via an invalid WksPictureInterface property value, which triggers an improper...

9.3CVSS7.7AI score0.52033EPSS
Exploits7References7
CVE
CVE
added 2008/04/21 5:0 p.m.57 views

CVE-2008-1898

CVE-2008-1898 affects the WkImgSrv.dll ActiveX control (WksPictureInterface) in Microsoft Works 7 and Microsoft Office 2003/2007. A boundary/argument handling flaw allows remote code execution or browser crash when an invalid WksPictureInterface value is processed, typically via a crafted web pag...

9.3CVSS7.6AI score0.52033EPSS
Exploits7References7Affected Software2
seebug.org
seebug.org
added 2008/04/21 12:0 a.m.12 views

Microsoft Works 7 WkImgSrv.dll crash POC

No description provided by source. html head titleMicrosoft Works 7 WkImgSrv.dll crash POC/title script language="JavaScript" function payload var num = -1; obj.WksPictureInterface = num; /script /head body onload="JavaScript: return payload;"...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/04/18 12:0 a.m.16 views

Microsoft Works 7 WkImgSrv.dll ActiveX Denial of Service PoC

No description provided by source. html head titleMicrosoft Works 7 WkImgSrv.dll crash POC/title script language="JavaScript" function payload var num = -1; obj.WksPictureInterface = num; /script /head body onload="JavaScript: return payload;"...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/04/17 12:0 a.m.45 views

Microsoft Works 7 - 'WkImgSrv.dll' ActiveX Denial of Service (PoC)

Microsoft Works 7 WkImgSrv.dll crash POC function payload var num = -1; obj.WksPictureInterface = num; milw0rm.com 2008-04-17...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2008/04/17 12:0 a.m.21 views

msworks-dos.txt

DLL VERSION 7.03.0616.0 TEST ON IE7+XPSP2CN MYBLOG:http://hi.baidu.com/nansec/ 0DAY? I don't know. POC: Microsoft Works 7 WkImgSrv.dll crash POC function payload var num = -1; obj.WksPictureInterface = num;...

7.4AI score
Exploits0
Rows per page
Query Builder