Vendor: Windows XP
By: milw0rm.com
CVSS: 9.3 (HIGH)
CWE: 119 (Buffer Overflow)
Product Name: Windows XP
Affected Version From: Windows XP SP3
Affected Version To: Windows 2003 SP2
Patch Exists: YES
Related CWE: CVE-2008-4609
CPE: o:microsoft:windows_xp::sp3
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP3, Windows 2003 SP2
2008

ExplorerDOS

ExplorerDOS is a buffer overflow vulnerability in Microsoft Windows Explorer that allows an attacker to execute arbitrary code on the vulnerable system. The vulnerability is caused by a boundary error in the handling of .LNK files. By creating a specially crafted .LNK file, an attacker may be able to execute arbitrary code with the privileges of the user running the application. This vulnerability affects Windows XP SP3 and Windows 2003 SP2.

Mitigation:

Microsoft has released a patch to address this vulnerability.

Exploit-DB raw data:

Successfully tested on Microsoft Windows XP Pro SP3 English.
If you open with WinZip sometimes the exception doesn't occur.
Just right click the file and explorer will crash.
|---
CMP BYTE PTR DS:[EDX+EAX-1],2E

ESP 0007E328
EBP 0007E358

Access Violation [FFFFFFFF]
---|

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/6616.zip (2008-ExplorerDOS.zip)

# milw0rm.com [2008-09-28]