This is a functional proof-of-concept exploit for a denial-of-service (DoS) vulnerability in an ActiveX control (CLSID: CDF8A044-74AF-4045-AE13-D8AEDF802538). The exploit triggers an access violation by passing a malformed string argument to the 'ShowDlg' method, causing a crash in Internet Explorer.
Classification
Working Poc 95%
Target:
Internet Explorer with vulnerable ActiveX control (CLSID: CDF8A044-74AF-4045-AE13-D8AEDF802538)
No auth needed
Prerequisites:
Internet Explorer with the vulnerable ActiveX control installed and enabled