Microsoft Windows - GDI (EMR_COLORMATCHTOTARGETW) (MS08-021)

EDB-ID:

6656

CVE:

2008-1087 2008-1083

EDB Verified:

Author:

Ac!dDrop

Type:

remote

Exploit:   /  

Platform:

Windows

Date:

2008-10-02

Vulnerable App: 
EMR_COLORMATCHTOTARGETW stack buffer overflow exploit
By Ac!dDrop

This is one of the 2 Vulnerabilities of MS08-021

Tested on Windows xp professional SP1
GDi32.dll    5.1.2600.1106
kernel32.dll 5.1.2600.1106
ws2_32.dll   5.1.2600.0

calc.zip---> executes calculator
IE.zip and localhost.zip ------>  connects at localhost at port 230


On Windows Xp Sp2 only causes Denial of service.
 -(Vulnerable function guarded with a GS cookie)
 -(The function which copies data to stack has an exception handler which recovers from access violations so u cant exploit it by hitting next page ).

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/6656.tgz (2008-Gdi.tgz)

# milw0rm.com [2008-10-02]
Tags:
Advisory/Source: Link
Databases Links Sites Solutions
Exploits Search Exploit-DB OffSec Courses and Certifications
Google Hacking Submit Entry Kali Linux Learn Subscriptions
Papers SearchSploit Manual VulnHub OffSec Cyber Range
Shellcodes Exploit Statistics Proving Grounds
Penetration Testing Services
Exploits Google Hacking Papers Shellcodes
Search Exploit-DB Submit Entry SearchSploit Manual Exploit Statistics
OffSec Kali Linux VulnHub
Courses and Certifications Learn Subscriptions OffSec Cyber Range Proving Grounds Penetration Testing Services