Viscomsoft Calendar Active-X 2.0 - Multiple Crashes (PoC)

EDB-ID:

39512

CVE:

N/A




Platform:

Windows

Date:

2016-03-01


# Exploit Title: Viscomsoft Calendar Active-X 2.0 - Multiple Crash PoCs
# Date: 01-03-2016
# Exploit Author: Shantanu Khandelwal  Twitter: @shantanu561993 <shantanu561993@gmail.com>
# Vendor Homepage: http://www.viscomsoft.com/
# Software Link: http://www.viscomsoft.com/downloads/calendar.html
# Version: 2.0
# Tested on: Windows XP IE-8 , Windows 7 IE-8

Multiple Vulnerabilities found in calender.ocx file
Multiple Access violations

POC: 

https://www.dropbox.com/s/rtakkmw9ru55lbn/CALENDARLib.zip?dl=0
https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/39512.zip