Changeset 1503

Timestamp:

01/11/08 15:15:02 (8 months ago)

Author:

jose

Message:

[phoneyc]
add support for NCTsoft NCTAudioFile2 ActiveX Control Remote Buffer Overflow Vulnerability
affects a boatload of products.
CVE-2007-0018

Files:

• phoneyc/trunk/ActiveX.py (modified) (3 diffs)
• phoneyc/trunk/modules/jscript/NCTAudioFile2.js (added)
• phoneyc/trunk/tests/22196.html (added)

phoneyc/trunk/ActiveX.py

@@ -33 +33 @@
-        self.clsid['3B7C8860-D78F-101B-B9B5-04021C009402'] = MSRICHTXT()
-        self.clsid['B617B991-A767-4F05-99BA-AC6FCABB102E'] = MSRICHTXT()
+        self.clsid['77829F14-D911-40FF-A2F0-D11DB8D6D0BC'] = NCTAudioFile2()
-
-        self.clsname = {}
@@ -44 +45 @@
-        self.clsname['HPInfoDLL.HPInfo.1'] = HPInfo()
-        self.clsname['HPRulesEngine.ContentCollection.1'] = HPInfo()
+        self.clsname['NCTAudioFile2.AudioFile.1'] = NCTAudioFile2()
-
-        # set up the pure JScript version
@@ -227 +229 @@
-        self.cve_id = ('CVE-NOMATCH', )
-        self.description = 'Microsoft Rich Textbox Control 6.0 (SP6)'
+
+class NCTAudioFile2(ActiveX):
+    def __init__(self):
+        self.js_src = self.load_js_src('NCTAudioFile2.js')
+        self.classname = 'NCTAudioFile2'
+        self.cve_id = ('CVE-2007-0018', )
+        self.description = 'NCTsoft Products NCTAudioFile2 ActiveX Control'