Internet explorer 7.0 stack overflow

2009.02.01

Credit: jplopezy

Risk: High

Local: Yes

Remote: No

CVE: CVE-2009-0341

CWE: CWE-119

CVSS Base Score: 9.3/10

Impact Subscore: 10/10

Exploitability Subscore: 8.6/10

Exploit range: Remote

Attack complexity: Medium

Authentication: No required

Confidentiality impact: Complete

Integrity impact: Complete

Availability impact: Complete

Application: Internet explorer 7.0
OS: Windows xp - sp3 - full patch (windows vista don't work!)
------------------------------------------------------
1 - Description
2 - Vulnerability
3 - POC/EXPLOIT

------------------------------------------------------
Description

Internet explorer is a default browser of windows

------------------------------------------------------
Vulnerability

The vulnerability is caused when you trying send some data, using a form.
This caused a stack overflow with the possibility of running arbitrary code.

The bug is in the module "shell32", when you analize with debug returns "stack overflow" and the memory address.

------------------------------------------------------
POC/EXPLOIT

http://jplopezy.fortunecity.es/ietest.html

------------------------------------------------------
Juan Pablo Lopez Yacubian

References:

http://www.securityfocus.com/archive/1/archive/1/500472/100/0/threaded

See this note in RAW Version

Vote for this issue:

50%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

Internet explorer 7.0 stack overflow

References:

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Internet explorer 7.0 stack overflow

References:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.