Jump to content
xisto Community
k221405241470

Microsoft Windows "mshta" Code Execution Exploit

By k221405241470, in Security issues & Exploits

Recommended Posts

k221405241470    0

k221405241470
Posted

From SecurityFocus http://forums.xisto.com/no_longer_exists/

There is a _New_ exploit which affects the MSHTA (Microsoft HTML Application Host), using a simple program it's possible to create file from a *.hta with a _strange_ extenstion(*.foo *.ghgh *.asd) and this file will be executed by the MSHTA so if u put some malicious Vbs or JS in the *.hta the risk is very high....

http://imp.ovh.net/fr/
this is the source of the program to create the malicious files

I've tested it on Xp Sp1 and Xp SP2 and both system were affected maybe also in the previous version of MSHTA there is this problem


'njoy :P

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Go To Topic Listing
×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept