-
-
[讨论]为什么有些2年前的漏洞现在依然存在?
-
发表于: 2009-7-30 10:54
-
这些天拜读shineastdh的文章
[2007-08-15]暴风影音II mps.dll ActiveX栈溢出漏洞(my 0day)
链接:867K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4y4Z5K9h3&6W2j5i4y4@1i4K6u0W2P5h3)9J5i4K6u0W2j5$3&6Q4x3V1k6S2M7Y4c8A6j5$3I4W2M7#2)9J5c8U0t1H3x3o6N6Q4x3X3b7H3z5q4)9J5k6o6p5#2i4K6t1#2k6e0k6Q4x3U0f1&6j5g2)9J5y4h3t1@1i4K6t1#2k6e0W2Q4x3U0g2S2x3#2)9J5y4e0S2W2i4K6t1#2k6e0g2Q4x3U0g2T1k6q4)9J5y4h3t1I4i4K6t1#2k6e0W2Q4x3U0f1&6k6W2)9J5y4h3t1K6K9h3W2Q4x3X3c8E0M7s2y4V1L8r3I4Q4x3X3c8S2j5%4c8A6N6X3g2^5i4K6t1#2k6e0k6Q4x3U0g2S2x3q4)9J5y4e0R3^5i4K6t1#2k6e0k6Q4x3U0g2T1j5g2)9J5y4h3p5J5i4K6t1#2k6e0g2Q4x3U0f1^5y4#2)9J5y4h3u0S2i4K6t1#2k6e0k6Q4x3U0g2T1j5#2)9J5y4e0S2X3i4K6t1#2k6e0k6Q4x3U0g2T1y4q4)9J5y4e0W2W2L8i4W2Q4x3X3b7H3k6r3q4&6i4K6u0V1x3W2)9J5k6h3S2@1L8h3H3`.
经过测试这些漏洞还是有的啊?只不过瑞星能检测出来罢了,如果把瑞星关了就检测不出来了,
随便写一些shellcode放到里面,测试了好多个ActiveX,只要参数是字符串的,都会有同样的漏洞,造成了IE的卡死!!!(我的是IE8)
为什么2年前的漏洞现在还有?难道漏洞曝光之后就是杀毒软件能检测出来了?而漏洞依然存在??这也太不可思议了吧?
[2007-08-15]暴风影音II mps.dll ActiveX栈溢出漏洞(my 0day)
链接:867K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4y4Z5K9h3&6W2j5i4y4@1i4K6u0W2P5h3)9J5i4K6u0W2j5$3&6Q4x3V1k6S2M7Y4c8A6j5$3I4W2M7#2)9J5c8U0t1H3x3o6N6Q4x3X3b7H3z5q4)9J5k6o6p5#2i4K6t1#2k6e0k6Q4x3U0f1&6j5g2)9J5y4h3t1@1i4K6t1#2k6e0W2Q4x3U0g2S2x3#2)9J5y4e0S2W2i4K6t1#2k6e0g2Q4x3U0g2T1k6q4)9J5y4h3t1I4i4K6t1#2k6e0W2Q4x3U0f1&6k6W2)9J5y4h3t1K6K9h3W2Q4x3X3c8E0M7s2y4V1L8r3I4Q4x3X3c8S2j5%4c8A6N6X3g2^5i4K6t1#2k6e0k6Q4x3U0g2S2x3q4)9J5y4e0R3^5i4K6t1#2k6e0k6Q4x3U0g2T1j5g2)9J5y4h3p5J5i4K6t1#2k6e0g2Q4x3U0f1^5y4#2)9J5y4h3u0S2i4K6t1#2k6e0k6Q4x3U0g2T1j5#2)9J5y4e0S2X3i4K6t1#2k6e0k6Q4x3U0g2T1y4q4)9J5y4e0W2W2L8i4W2Q4x3X3b7H3k6r3q4&6i4K6u0V1x3W2)9J5k6h3S2@1L8h3H3`.
经过测试这些漏洞还是有的啊?只不过瑞星能检测出来罢了,如果把瑞星关了就检测不出来了,
随便写一些shellcode放到里面,测试了好多个ActiveX,只要参数是字符串的,都会有同样的漏洞,造成了IE的卡死!!!(我的是IE8)
为什么2年前的漏洞现在还有?难道漏洞曝光之后就是杀毒软件能检测出来了?而漏洞依然存在??这也太不可思议了吧?
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
|
|
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
很多知道熬夜对身体不好的人仍然会熬夜
|
