I have been working on a piece of test code for the MFC
buffer overflow reported in BID 5188. The code has now
been completed.
The exploit is simply a DoS exploit that will overwrite heap
data in a vulnerable ISAPI with 0x41 characters ('A').
The overwritten data contains pointers accessed by MFC42.DLL,
usually resulting in an access violation.
Exploit Code: http://www.murphy.101main.net/mfcisapi.c
Advisory: http://www.murphy.101main.net/vulns/2002-12.shtml
"The reason the mainstream is thought
of as a stream is because it is
so shallow."
- Author Unknown
