Computer Security

Alibaba Alipay ActiveX memory corruption
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Alibaba Alipay ActiveX memory corruption
Published:07.02.2007
Source:FULL-DISCLOSURE
SecurityVulns ID:7192
Type:client
Level:5/10
Description:Memory free() by controlled address in Remove() function.
CVE:CVE-2007-0827 (The Alibaba Alipay PTA Module ActiveX control (PTA.DLL) allows remote attackers to execute arbitrary code via a JavaScript function that invokes the Remove method with an invalid index argument, which is used as an offset for a function call.)
Original documentdocumentfrankruder_(at)_hotmail.com, [Full-disclosure] Alibaba Alipay Remote Code Execute Vulnerability-0DAY (07.02.2007)
Files:Alibaba Alipay (Remove ActiveX) Remote Code Execution Exploit
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru