Application: Internet explorer 7.0
OS: Windows xp - sp3 - full patch (windows vista don't work!)
------------------------------------------------------
1 - Description
2 - Vulnerability
3 - POC/EXPLOIT

------------------------------------------------------
Description

Internet explorer is a default browser of windows

------------------------------------------------------
Vulnerability

The vulnerability is caused when you trying send some data, using a form.
This caused a stack overflow with the possibility of running arbitrary code.

The bug is in the module "shell32", when you analize with debug returns "stack overflow" and the memory address.

------------------------------------------------------
POC/EXPLOIT

http://jplopezy.fortunecity.es/ietest.html

------------------------------------------------------
Juan Pablo Lopez Yacubian

[ reply ]