Services Vulnerabilities Exploits Publications News Blog About DSecRG


[15] Oracle Document Capture (EasyMail Objects EMSMTP.DLL 6.0.1) ActiveX Control BOF - JIT-Spray Exploit

This is the exploit for QuikSoft EasyMail ActiveX emsmtp.dll (v. 6.0.1)
This DLL is used in :
PostCast PostCast Server Pro 3.0.61
Oracle Document Capture 10.1.3.5

Exploit uses JIT-Spray and
return address in emsmtp.dll code for hardware DEP bypass in IE8

Shellcode make reverse connect on localhost on port 4444

#####################################

http://dsecrg.com/files/exploits/QuikSoft-reverse.zip



Exploits RSS RSS
03.05.2010
[17] ProSSHD v 1.2. Remote bind shell exploit (w/ASLR and DEP bypass using ROP)

05.03.2010
[16] SAP GUI 7.10 WebViewer3D ActiveX - JIT-Spray Exploit

05.03.2010
[15] Oracle Document Capture (EasyMail Objects EMSMTP.DLL 6.0.1) ActiveX Control BOF - JIT-Spray Exploit

15.02.2010
[14] Oracle Document Capture (EasyMail Objects EMSMTP.DLL 6.0.1) ActiveX Control BOF - hardware DEP bypass

15.02.2010
[13] Oracle Document Capture (EasyMail Objects EMSMTP.DLL 6.0.1) ActiveX Control BOF

18.02.2009
[12] Oracle Database SQL Injection in MDSYS.SDO_TOPO_DROP_FTBL Trigger (metasploit module)

Exploits list


© 2002—2014, ERPScan
For quoting or using materials from this site
link is obligatory

+44 (20) 81334493    e-mail: research@dsecrg.com
Rss: Vulnerabilities, Exploits, News, Publications, Summary
Search