Application: Internet explorer 7.0 OS: Windows xp - sp3 - full patch (windows vista don't work!) ------------------------------------------------------ 1 - Description 2 - Vulnerability 3 - POC/EXPLOIT ------------------------------------------------------ Description Internet explorer is a default browser of windows ------------------------------------------------------ Vulnerability The vulnerability is caused when you trying send some data, using a form. This caused a stack overflow with the possibility of running arbitrary code. The bug is in the module "shell32", when you analize with debug returns "stack overflow" and the memory address. ------------------------------------------------------ POC/EXPLOIT http://jplopezy.fortunecity.es/ietest.html ------------------------------------------------------ Juan Pablo Lopez Yacubian