vendor:
Microsoft Jet
by:
Tal Zeltzer
7.5
CVSS
HIGH
Reverse Shell Exploit
Not specified
CWE
Product Name: Microsoft Jet
Affected Version From: Not specified
Affected Version To: Not specified
Patch Exists: Not specified
Related CWE: Not specified
CPE: Not specified
Platforms Tested: Windows XP Service Pack 1
Not specified
Microsoft Jet (msjet40.dll) Reverse Shell Exploit
This exploit takes advantage of a vulnerability in the Microsoft Jet database engine (msjet40.dll) to execute a reverse shell. It is based on an exploit written by S.Pearson and coded by Tal Zeltzer. The exploit uses a return address of 0x77F51B93, which is the address of 'jmp edx' in ntdll.dll. The exploit includes a reverse connect shellcode from Metasploit.
Mitigation:
Not specified
