<html>
<!--
j-integra v2.11 Remote code execution vulnerability
Discovered on: Thursday, October 28, 2010, 10:10:12 PM
Download: http://j-integra.intrinsyc.com/
Author: bz1p, bz1p@bshellz.net
impact: LOW, due to the object NOT marked safe for scripting
Tested on: XP SP3 IE7
CVE: ? (0day)
NOTE:
This vuln was silently patched by the developers (v2.12), hence I am providing
this PoC. They did not change the versions for DCOMConfig.dll, so I can only
conclude that they are sneaky and should be slapped for backdooring
software and making customers pay mula.
-->
<!--
It has also been reported by Dr_IDE that the following methods
are also vulnerable to the same exploit:
target.RemoveAccessPermission arg1 ,arg2
target.AddLaunchPermission arg1 ,arg2
target.AddAccessPermission arg1 ,arg2
-->