Valid HTML 4.01 Transitional Valid CSS Valid SVG 1.0

Me, myself & IT

Exploits for MS15-132

Exploits for MS15-132 using Internet Explorer

ELS.dll, loads ELSExt.dll
ELS.dll, loads ELSExt.dll
ELS.dll, loads ELSExt.dll
RACEngn.dll
COMSvcs.dll, loads MQRT.dll
PerfTrack.dll
MSDAOra.dll, loads OCI.dll and/or OCIW32.dll

Exploit for MS15-132 using Windows Scripting Host

Download OCIW32.dll and save it in an arbitrary directory, then create the VBScript file MS15-132.VBS with the following single statement
WScript.CreateObject("MSDAORA")
in the same directory and start it per double-click.

Contact

If you miss anything here, have additions, comments, corrections, criticism or questions, want to give feedback, hints or tipps, report broken links, bugs, errors, inaccuracies, omissions, vulnerabilities or weaknesses, …:
don’t hesitate to contact me and feel free to ask, comment, criticise, flame, notify or report!

Use the X.509 certificate to send S/MIME encrypted mail.

Notes: I dislike HTML (and even weirder formats too) in email, I prefer to receive plain text.
I also expect to see your full (real) name as sender, not your nickname!
Emails in weird formats and without a proper sender name are likely to be discarded.
I abhor top posts and expect inline quotes in replies.

Terms and Conditions

By using this site, you signify your agreement to these terms and conditions. If you do not agree to these terms and conditions, do not use this site!

Data Protection Declaration

This web page records no data and sets no cookies.

The service provider for *.homepage.t-online.de, Deutsche Telekom AG,


Copyright © 1995–2018 • Stefan Kanthak • <‍stefan‍.‍kanthak‍@‍nexgo‍.‍de‍>