cmd.exe Unicode Buffer Overflow (SEH)(情報元のブックマーク数)
cmd.exeにUNICODEなバッファオーバーフローが存在らしい。
# Exploit Title: cmd.exe Unicode Buffer Overflow (SEH)
# Date: 7/8/2010
# Author: bitform
# Software Link: N/A
# Version: N/A
# Tested on: Windows Server 2003 SP2 and Windows XP SP2
# CVE : none1) Acknowledgements
Props to Dan Crowley (@dan_crowley) at Core Security Technologies
for doing the research on Windows File Pseudonyms and coming up
with the idea for this buffer overflow.His presentation can be found here:
Microsoft Windows - 'cmd.exe' Unicode Buffer Overflow (SEH)
www.sourceconference.com/bos10pubs/windows%20file%20pseudonyms.pptx