Real Name | Eduardo Braun Prado |
---|---|
Email address | private |
First Active | 2006-02-20 |
Last Active | 2022-06-03 |
Microsoft Windows Help (Winhlp32) contains an HLP file loading hijack vulnerability because programs that invokes help from HLP files passes relative paths, causing it to load HLP files from the directory in which it was started, if they exist. Proof of concept code included.
555250bab20bf8be89a3b9e62da9fd89d8bfae7044864dbc0df99dbc189d1d0e
This Metasploit module exploits a vulnerability mainly affecting Microsoft Windows XP and Windows 2003. The vulnerability exists in the handling of the Screen Saver path, in the [boot] section. An arbitrary path can be used as screen saver, including a remote SMB resource, which allows for remote code execution when a malicious .theme file is opened, and the "Screen Saver" tab is viewed.
29aaf07dcb5542222f7a271a446b80f5ab4686dc9025e8ce1f3c8d7045454193
Multiple Microsoft Windows 98/ME/2000/XP/2003 HTML Help file loading hijack vulnerabilities exist. Proof of concept included.
84465488b511cd9a9bc47e5238c9e17dffafd6132f7761481d27a835c68d1123
The MS HTML Help control activex is prone to a remote CHM help file hijack vulnerability when applications invoke help. Multiple built-in applications are vulnerable to this. The impact of the vulnerability is the loading of the incorrect CHM help file when it resides in the same directory the application invoking help starts in. This proof of concept exploit leverages Notepad to demonstrate the vulnerability.
d554dfbaf395542e7dbce75391389ccf6d9ee1129f374497120bd915602e661e
By naming a file without a name, the Windows XP firewall may inadvertently trick a user into allowing a malicious application to run.
cad8f6954428ca2eddfad293271e4550156b0d16a95b58c6520d7938abb972b8
A bug in Mirabiliz ICQ could allow an attacker to trick users into executing files inside an uploaded directory.
10228c07178e00f18f25f0c83f9b4267a5e75001f5907b2cb5739f6183a36609