MS Windows GDI Image Parsing Stack Overflow Exploit (MS08-021)

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : MS Windows GDI Image Parsing Stack Overflow Exploit (MS08-021)
# Published : 2008-04-14
# Author : Lamhtz
# Previous Title : DivX Player 6.7 SRT File Subtitle Parsing Buffer Overflow Exploit
# Next Title : DivX Player 6.6.0 SRT File SEH Buffer Overflow Exploit

/////////////////////////////////////////////////////////////
///Exploit the MS08-021 : Stack Overflow on GDI API
///Author: Lamhtz
///Date: April 14th, 2008
///Usage: <appname.exe> [filename]
///Function: Generate a crafted emf file which could 
///          automatically run calc.exe in Win2kSP4 CHS Version
///			 with MS07-046 patched but no MS08-021 is installed.
///			 In Windows XP SP2, explorer.exe will crashed but
///          calc will not be run.
/////////////////////////////////////////////////////////////

http://www.milw0rm.com/sploits/2008-exploit_08021.zip

// www.Syue.com [2008-04-14]