Today I got out of a lecture early and slipped into the lab to kill some time. For a while now I've been wary of the lab setups, which run Internet Explorer 6 and seemingly rarely updated software, so I decided to check out some ActiveX components for bugs. Among the other unsafe-looking functions, one called "ExecutePreferredApplication" really caught my eye. Bada-bing, Bada-boom:
' target is an instance of the PAWWeb11.ocx control; the method launches the path it is given
arg1 = "C:/WINDOWS/system32/calc.exe"
target.ExecutePreferredApplication arg1
I didn't have much time to play with it, but at the least you can execute programs, and you can probably tag some parameters on there too to make it really nice. And yes, it is marked safe for scripting and safe for initialize (SfS/SfI). PAWWeb11.ocx is the one with the problem, a component of Peachtree Accounting. The version installed was the 2004 release, but assume all versions that ship PAWWeb11.ocx are vulnerable as well, since this doesn't look like an issue that's been public until now. You can find the full exploit code @ Milw0rm or some other security sites.
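For admins stuck with a lab full of IE6 boxes, here is an added example (my own script, not code from the post or from Peachtree) that audits how PAWWeb11.ocx is registered and, on request, sets the Internet Explorer kill bit for it. It assumes the control is registered under HKCR\CLSID with an InprocServer32 entry pointing at the OCX; the post does not give the CLSID, so the script discovers it from the registry.

```powershell
# Added example (not from the original post): find the CLSIDs that PAWWeb11.ocx serves,
# report whether each is marked Safe-for-Scripting / Safe-for-Initialize, and optionally
# set the Internet Explorer kill bit so the control can no longer be loaded by IE.
# Assumption: the control is registered under HKCR\CLSID with an InprocServer32 value
# pointing at the OCX; the CLSID is not in the post, so it is discovered here.
param(
    [string]$OcxName = 'PAWWeb11.ocx',
    [switch]$SetKillBit      # write the kill bit (needs an elevated shell)
)

# Component-category GUIDs that IE checks before scripting or initialising a control.
$SafeForScripting  = '{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
$SafeForInitialize = '{7DD95802-9882-11CF-9FA9-00AA006C42C4}'
$KillBitRoot = 'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility'
$KillBitFlag = 0x400      # "Compatibility Flags" bit that blocks the control in IE

$results = foreach ($key in Get-ChildItem 'Registry::HKEY_CLASSES_ROOT\CLSID' -ErrorAction SilentlyContinue) {
    $server = Get-ItemProperty -Path "$($key.PSPath)\InprocServer32" -ErrorAction SilentlyContinue
    $dll = $server.'(default)'
    if (-not $dll -or (Split-Path -Leaf $dll) -ine $OcxName) { continue }

    $clsid = $key.PSChildName
    $cats  = "$($key.PSPath)\Implemented Categories"
    $flags = (Get-ItemProperty -Path "$KillBitRoot\$clsid" -ErrorAction SilentlyContinue).'Compatibility Flags'

    [pscustomobject]@{
        CLSID   = $clsid
        Server  = $dll
        SfS     = Test-Path "$cats\$SafeForScripting"    # Safe-for-Scripting category present?
        SfI     = Test-Path "$cats\$SafeForInitialize"   # Safe-for-Initialize category present?
        KillBit = [bool]($flags -band $KillBitFlag)      # already blocked in IE?
    }
}

if (-not $results) { Write-Warning "No CLSID registered for $OcxName"; return }
$results | Format-Table -AutoSize

if ($SetKillBit) {
    foreach ($r in $results | Where-Object { -not $_.KillBit }) {
        $path = "$KillBitRoot\$($r.CLSID)"
        New-Item -Path $path -Force | Out-Null
        # OR the kill bit into any flags already present rather than overwriting them
        $existing = (Get-ItemProperty -Path $path -ErrorAction SilentlyContinue).'Compatibility Flags'
        Set-ItemProperty -Path $path -Name 'Compatibility Flags' -Type DWord -Value ([int]$existing -bor $KillBitFlag)
        Write-Host "Kill bit set for $($r.CLSID)"
    }
}
```

Run it without switches first to see which CLSIDs map to the OCX and whether they carry the SfS/SfI markings the post describes; rerun with -SetKillBit from an elevated prompt to block them in IE.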
http://jbrownsec.blogspot.com/2008/09/peachtree-accounting-is-not-safe.html