Welcome,
Guest
. Please
login
or
register
.
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
Home
Help
Search
Login
Register
Malware Domain List
»
Malware Related
»
Tools of the trade / Internet News
»
VMware COM API ActiveX Exploit
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: VMware COM API ActiveX Exploit (Read 4348 times)
0 Members and 1 Guest are viewing this topic.
September 04, 2008, 06:13:15 pm
Read 4348 times
tjs
Special Members
Sr. Member
Offline
248
VMware COM API ActiveX Exploit
A vulnerability in VMware's COM API ActiveX allows remote attackers to cause it to overflow an internal buffer which in turn can be used to execute abitrary code. Exploit/vuln testing code available here:
http://www.securiteam.com/exploits/5WP040UPFQ.html
From the perspective of MDL and malware analysis-- this vuln can be embedded on malware distribution sites in order to specifically attack machines running in a vmware emulated environment... The class ID to watch out for is:
38DB77F9-058D-4955-98AA-4A9F3B6A5B06. My usual request applies-- please let me know if you find this in the wild, even though I know nobody will.
TJS
Logged
September 04, 2008, 06:17:06 pm
Reply #1
sowhat-x
Guest
Re: VMware COM API ActiveX Exploit
...this is certainly gonna be re-used in newer web-based exploit packs...
Logged
September 04, 2008, 08:47:45 pm
Reply #2
CM_MWR
Special Members
Hero Member
Offline
319
Re: VMware COM API ActiveX Exploit
Patch was released some days ago in a update i got,it had 2 others with it as well,both with the same capabilities affecting workstations 5 through 6 but I dont know about player or any other products.
Logged
Print
Pages: [
1
]
Go Up
« previous
next »
Malware Domain List
»
Malware Related
»
Tools of the trade / Internet News
»
VMware COM API ActiveX Exploit