幻影旅团

Ph4nt0m Security Team

Subscribe to RSS feed

Posts tagged with "qq"

[Advisory]Tencent QQ QQzone WebCtrl Activex空指针引用漏洞(0day)

By ph4nt0m. Tuesday, February 13, 2007 3:07:04 AM

qq, buffer overflow

by axis(axis_at_ph4nt0m.org)
http://www.ph4nt0m.org

Date: 2007-02-13

摘要:

QQ是由Tencent公司开发的一个IM软件，在中国有着非常广泛的用户。幻影旅团的axis发现了一个QQZone的activex漏洞。在使用WebCtrl

方法时，将引用一个空指针，造成ie崩溃。由于该activex没有标记为safe，故会出现安全提示。

影响版本:

Tencent QQ2006/2007及之前所有版本。

Ph4nt0m Security Team

Join this group

Blog search

Members (12)

Show all members

Latest comments

anonymous

Анонімний writes: Houses are quite expensive and not everyb ...
anonymous

Анонімний writes: All people deserve very good life and cre ...
anonymous

Анонімний writes: All people deserve wealthy life and perso ...
anonymous

Анонімний writes: Эксклюзивный интерьер дизайн квартиры, на ...
anonymous

Анонімний writes: Some time ago, I needed to buy a car for ...
anonymous

Анонімний writes: Don't you acknowledge that it is correct ...

Poll

您希望本blog更多的关注哪个方面的内容?

每天的安全新闻、业界动态
(7%)
最新漏洞信息和相关分析
(64%)
原创文章和心得
(29%)
安全圈子里的内幕曝光、八卦新闻
(0%)
其他
(0%)

Total: 14 votes

幻影成员blog

大风
axis' blog
云舒
云舒's blog
luoluo
luoluo's blog
ayazero
aya's blog
cloie
cloie's blog
zzzevazzz
zzzevazzz's blog
superhei
superhei's blog
czy
czy's blog

Ph4nt0m相关

Ph4nt0m Mailing Lists
幻影的邮件列表!
幻影Exploit研究院
幻影Exploit研究院
Ph4nt0m HomePage
Ph4nt0m HomePage

Recent visitors

Download Opera - Surf the Web with lightning speed, using the fastest browser ever.

Help/FAQ | Terms