This Metasploit module exploits a code execution vulnerability that occurs when a user presses F1 on MessageBox originated from VBscript within a web page. When the user hits F1, the MessageBox help functionality will attempt to load and use a HLP file from an SMB or WebDAV (if the WebDAV redirector is enabled) server. This particular version of the exploit implements a WebDAV server that will serve HLP file as well as a payload EXE. During testing warnings about the payload EXE being unsigned were witnessed. A future version of this module might use other methods that do not create such a warning.
78422f19ea0d8bce6a74c02e6e26e1840301ad3c5fdd0f923caed537a2c47c13
This Metasploit module exploits a code execution vulnerability that occurs when a user presses F1 on MessageBox originated from VBscript within a web page. When the user hits F1, the MessageBox help functionality will attempt to load and use a HLP file from an SMB or WebDAV (if the WebDAV redirector is enabled) server. This particular version of the exploit implements a WebDAV server that will serve HLP file as well as a payload EXE. During testing warnings about the payload EXE being unsigned were witnessed. A future version of this module might use other methods that do not create such a warning.
f83f40fb588e34999fbe38619333368187e38c873789888c011448074585069e
Internet Explorer versions 6, 7, and 8 suffer from an arbitrary command execution vulnerability related to winhlp32.exe.
ce8c868aaeb05091eebf05d2264a9ae0a388169e7afa4691506db33a26a57fc9
A heap overflow in Mozilla browser versions 1.7.3 and below in the NNTP code may allow for arbitrary code execution.
d6dc6a959b8812c3ef22ec8765b647390f6ac1056c0d6c36d151eedf7bb4bf0e