Computer Security
[EN] securityvulns.ru no-pyccku


Alibaba Alipay ActiveX memory corruption
Published:07.02.2007
Source:
SecurityVulns ID:7192
Type:client
Threat Level:
5/10
Description:Memory free() by controlled address in Remove() function.
CVE:CVE-2007-0827 (The Alibaba Alipay PTA Module ActiveX control (PTA.DLL) allows remote attackers to execute arbitrary code via a JavaScript function that invokes the Remove method with an invalid index argument, which is used as an offset for a function call.)
Original documentdocumentfrankruder_(at)_hotmail.com, [Full-disclosure] Alibaba Alipay Remote Code Execute Vulnerability-0DAY (07.02.2007)
Files:Alibaba Alipay (Remove ActiveX) Remote Code Execution Exploit

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod