Baidu search tyrants toolbar downloads arbitrary file execution vulnerability with exploit code
Thanks anonymous posting
News source: http://SecLists.org
Baidu search tyrants toolbar appears high risk vulnerabilities, visit a malicious Web page, download Trojans do, the latest version of the tool is also affected by the vulnerability. Baidu search PA called C:\Program Files\baidubar\BaiduBar.dll files provide ActiveX interface for a Web page, but one of the DloadDS function, allows an attacker to execute arbitrary code on the victim machine.
DloadDS function provides three parameters, namely the URL address, do the file names, and whether to display. When the URL to. cab end, found big Mac will download this file to a temporary directory, then execute in exe.
Test addresses are:
After you click on the test will run Calc.exe (Calculator)
For more information see: http://seclists.org/fulldisclosure/2007/Aug/0015.html