header-logo
Suggest Exploit
vendor:
Internet Explorer
by:
k`sOSe
9.3
CVSS
HIGH
Remote Code Execution
119
CWE
Product Name: Internet Explorer
Affected Version From: 7.0.5730.13
Affected Version To: 7.0.5730.13
Patch Exists: YES
Related CWE: CVE-2008-4844
CPE: a:microsoft:internet_explorer:7.0.5730.13
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP3
2008

Internet Explorer 7.0.5730.13 – ‘iesploit’ Remote Code Execution

This module exploits a vulnerability in Internet Explorer 7.0.5730.13. The vulnerability is triggered when a user visits a malicious web page containing specially crafted HTML code. This code will cause a stack-based buffer overflow, allowing arbitrary code execution.

Mitigation:

Upgrade to Internet Explorer 8 or later.
Source

Exploit-DB raw data:

// k`sOSe 12/10/2008 - tested on winxp sp3, explorer 7.0.5730.13

// windows/exec - 141 bytes                                                                     
// http://www.metasploit.com                                                                    
// EXITFUNC=seh, CMD=C:\WINDOWS\system32\calc.exe  

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/7403.zip (2008-iesploit.tar.gz)

# milw0rm.com [2008-12-10]

Navigation

Suggest Exploit

Services By CQR