染雾from: http://hi.baidu.com/inking26/blog/item/9c2ab11c4784e5aa86d6b6c1.html
使用DOM操作IMG节点的SRC设置nameProp属性填充调用栈,控制eax!
直接落入0c0c0c0c!!
0:024> g
(16d8.10a4): Unknown exception - code 8001010d (first chance)
ModLoad: 5dd50000 5de73000 C:\WINDOWS\system32\msxml3.dll
ModLoad: 3e350000 3e404000 C:\WINDOWS\system32\jscript.dll
(16d8.10a4): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
eax=0c0c0c0c ebx=00000000 ecx=5dda652c edx=00000001 esi=0c0c0c0c edi=0164d1c8
eip=5dd8d7d5 esp=0164ce68 ebp=0164cf84 iopl=0 nv up ei pl nz na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010206
msxml3!_dispatchImpl::InvokeHelper+0x9f:
5dd8d7d5 8b08 mov ecx,dword ptr [eax] ds:0023:0c0c0c0c=????????
修复方案:
临时解决方案:
http://support.microsoft.com/kb/2719615
装微软推荐的安全软件:
http://techn
慢慢等微软补丁!
