tag:blogger.com,1999:blog-38014853245563813262024-03-22T02:12:34.429-07:00MoAxB - Month of ActiveX BugUnknownnoreply@blogger.comBlogger35125tag:blogger.com,1999:blog-3801485324556381326.post-81489736599928587732007-05-30T16:07:00.000-07:002007-05-30T07:06:43.497-07:00MoAxB #30: Zenturi ProgramChecker ActiveX (sasatl.dll) Arbitrary file download/overwrite Exploit<span style="font-size:85%;"><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070530/zenturi.html">Dimostrazione online</a><br /><br /><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070530/zenturitxt.html">Formato testo</a><br /></span>Unknownnoreply@blogger.com81tag:blogger.com,1999:blog-3801485324556381326.post-37399680484947317342007-05-29T12:18:00.000-07:002007-05-30T03:17:13.669-07:00MoAxB #29: EDraw Office Viewer Component (edrawofficeviewer.ocx v. 4.0.5.20) Denial of Service Exploit<span style="font-size:85%;"><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070529/edrawhttp.html">Dimostrazione online</a><br /><br /><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070529/edrawhttptxt.html">Formato testo</a><br /></span>Unknownnoreply@blogger.com55tag:blogger.com,1999:blog-3801485324556381326.post-84216222392623582972007-05-28T11:31:00.000-07:002007-05-30T02:30:40.059-07:00MoAxb #28: EDraw Office Viewer Component (edrawofficeviewer.ocx v. 4.0.5.20) Unsafe Method Vulnerability<span style="font-size:85%;"><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070528/edraw.html">Dimostrazione online</a><br /><br /><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070528/edrawtxt.html">Formato testo</a><br /></span>Unknownnoreply@blogger.com41tag:blogger.com,1999:blog-3801485324556381326.post-10872830470136133142007-05-27T18:13:00.000-07:002007-05-28T09:13:24.899-07:00MoAxB #27: LeadTools Raster ISIS Object (LTRIS14e.DLL v. 14.5.0.44) Remote Buffer Overflow Exploit<span style="font-size:85%;"><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070527/leadrasterisis.html">Dimostrazione online</a><br /><br /><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070527/leadrasterisistxt.html">Formato testo</a><br /></span>Unknownnoreply@blogger.com41tag:blogger.com,1999:blog-3801485324556381326.post-15776916437319311132007-05-26T15:14:00.000-07:002007-05-27T06:14:14.361-07:00MoAxB #26: LeadTools Raster OCR Document Object Library (ltrdc14e.dll v. 14.5.0.44) Remote Memory corruption Exploit<span style="font-size:85%;"><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070526/leadocr.html">Dimostrazione online</a><br /><br /><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070526/leadocrtxt.html">Formato testo</a><br /></span>Unknownnoreply@blogger.com43tag:blogger.com,1999:blog-3801485324556381326.post-18719849958739152392007-05-25T14:18:00.000-07:002007-05-25T05:07:16.448-07:00MoAxB #25: LeadTools Raster Dialog File_D Object (LTRDFD14e.DLL v. 14.5.0.44) Remote Buffer Overflow Exploit<span style="font-size:85%;"><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070525/leadrdfd.html">Dimostrazione online</a><br /><br /><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070525/leadrdfdtxt.html">Formato testo</a><br /></span>Unknownnoreply@blogger.com36tag:blogger.com,1999:blog-3801485324556381326.post-21926652482221193062007-05-24T12:42:00.000-07:002007-05-24T03:41:01.517-07:00MoAxB #24: LeadTools Raster Dialog File Object (LTRDF14e.DLL v. 14.5.0.44) Remote Buffer Overflow Exploit<span style="font-size:85%;"><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070524/leaddfo.html">Dimostrazione online</a><br /><br /><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070524/leaddfotxt.html">Formato testo</a><br /></span>Unknownnoreply@blogger.com34tag:blogger.com,1999:blog-3801485324556381326.post-66891774135880191522007-05-23T11:15:00.000-07:002007-05-23T02:14:34.228-07:00MoAxB #23: Microsoft Office 2000 (OUACTRL.OCX v. 1.0.1.9) "HelpPopup" method Remote Buffer Overflow and winhlp32.exe Denial of Service<span style="font-family: courier new;font-size:85%;" >E alla fine arriva Microsoft :-)<br /><br /><a href="http://www.shinnai.altervista.org/moaxb/20070523/ouactrl.html">Dimostrazione online</a><br /><br /><a href="http://www.shinnai.altervista.org/moaxb/20070523/ouactrltxt.html">Formato testo</a><br /><br />Contenuto dei registri:<br /></span><pre style="font-family: courier new;" id="line21"><span style="font-size:85%;">EAX 00000000<br />ECX 7E39EC0C USER32.7E39EC0C<br />EDX 7C91EB94 ntdll.KiFastSystemCallRet<br />EBX 38CFD2D0 OUACTRL.38CFD2D0<br />ESP 01D0F434 UNICODE "aaaa..."<br />EBP 00610061<br />ESI 02ACC86C<br />EDI 00000000<br /><br />EIP 00610061</span></pre><span style="font-size:85%;"><br /></span>Unknownnoreply@blogger.com10tag:blogger.com,1999:blog-3801485324556381326.post-6889136774334760692007-05-22T15:56:00.000-07:002007-05-25T02:18:36.368-07:00MoAxB #22 Bonus: Dart ZipLite Compression for ActiveX (DartZipLite.dll v. 1.8.5.3) Remote Buffer Overflow Exploit<span style="font-size:85%;"><span style="font-family:courier new;">Bonus</span><br /><br /><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070522/dartziplite.html">Dimostrazione online</a><br /><br /><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070522/dartziplitetxt.html">Formato testo</a><br /></span>Unknownnoreply@blogger.com3tag:blogger.com,1999:blog-3801485324556381326.post-78894893323775901982007-05-22T10:31:00.000-07:002007-05-22T01:30:49.481-07:00MoAxB #22: LeadTools ISIS Control (ltisi14E.ocx v. 14.5.0.44) Remote Buffer Overflow Exploit<span style="font-size:85%;"><span style="font-family: courier new;">Oggi non ho voglia di commentare...</span><br /><br /><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070522/leadisis.html">Dimostrazione online</a><br /><br /><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070522/leadisistxt.html">Formato testo</a><br /></span>Unknownnoreply@blogger.com8tag:blogger.com,1999:blog-3801485324556381326.post-75395272837619780982007-05-21T12:24:00.000-07:002007-05-21T03:23:38.477-07:00MoAxB #21: LeadTools Raster Variant Object Library (LTRVR14e.dll v. 14.5.0.44) Remote Arbitrary File Overwrite<span style="font-size:85%;"><span style="font-family: courier new;">E' possibile, usando il metodo "<span style="font-weight: bold;">WriteDataToFile</span>" di questo ActiveX, sovrascrivere con dati random il contenuto di file arbitrariamente.</span><br /><span style="font-family: courier new;">Tale operazione risulta rischiosa in quanto, modificando il contenuto di file come system.ini, si può compromettere il funzionamento del pc di un utente.</span><br /><br /><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070521/ltrvol.html">Dimostrazione online</a><br /><br /><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070521/ltrvoltxt.html">Formato testo</a><br /></span>Unknownnoreply@blogger.com3tag:blogger.com,1999:blog-3801485324556381326.post-66929423704694974562007-05-20T19:44:00.000-07:002007-05-18T10:45:47.732-07:00MoAxB #20: LeadTools Raster Thumbnail Object Library (LTRTM14e.DLL v. 14.5.0.44) Remote Stack-Based Buffer Overflow<span style="font-size:85%;"><span style="font-family: courier new;">Stessa ragione del post MoAxB #19 :)</span><br /><br /><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070520/leadraster.html">Dimostrazione online</a><br /><br /><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070520/leadrastertxt.html">Formato testo</a><br /></span>Unknownnoreply@blogger.com8tag:blogger.com,1999:blog-3801485324556381326.post-18502995956941670232007-05-19T19:42:00.000-07:002007-05-18T10:42:58.679-07:00MoAxB #19: LeadTools Thumbnail Browser Control (lttmb14E.ocx v. 14.5.0.44) Remote Stack-Based Buffer Overflow<span style="font-size:85%;"><span style="font-family: courier new;">Siccome nei prossimi due giorni non avro accesso a pc di sorta, pubblico in anticipo i bug relativi al 19 e 20 Maggio 2007.</span><br /><span style="font-family: courier new;">Il titolo parla da solo :)</span><br /><br /><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070519/lademthumb.html">Dimostrazione online</a><br /><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070519/lademthumbtxt.html"><br />Formato testo</a><br /></span>Unknownnoreply@blogger.com7tag:blogger.com,1999:blog-3801485324556381326.post-67285851968439567282007-05-18T13:26:00.000-07:002007-05-18T04:25:43.747-07:00MoAxB #18: LeadTools JPEG 2000 COM Objejct (LTJ2K14.ocx v. 14.5.0.35) Remote Stack-Based Buffer Overflow<span style="font-size:85%;"><span style="font-family: courier new;">Questo ActiveX consente di gestire immagine anche da web browser.</span><br /><span style="font-family: courier new;">Il metodo "BitmapDataPath" è vulnerabile a stack-based buffer overflow che consente l'esecuzione di codice arbitrario sul pc di un utente.</span><br /><br /><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070518/lead.html">Dimostrazione online</a><br /><br /><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070518/leadtxt.html">Formato testo</a></span>Unknownnoreply@blogger.com11tag:blogger.com,1999:blog-3801485324556381326.post-19627163212637612372007-05-17T10:52:00.000-07:002007-05-17T01:53:14.819-07:00MoAxB #17: Sienzo Digital Music Mentor (DMM) 2.6.0.4 (ltmm15.dll) Buffer Overflow Exploit<span style="font-size:85%;"><span style="font-family: courier new;">Un'altra dll (ltmm15.dll) distribuita col DMM Sienzo risulta vulnerabile ad uno stack-based buffer overflow che consente l'esecuzione di codice arbitrario sul pc di un utente che avesse installato questo software.</span><br /><span style="font-family: courier new;">Il vendor continua a non rispondere.</span><br /><br /><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070517/sienzo2.html">Dimostrazione online</a><br /><br /><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070517/sienzo2txt.html">Formato testo</a><br /></span>Unknownnoreply@blogger.com3tag:blogger.com,1999:blog-3801485324556381326.post-39243799257641829812007-05-16T14:38:00.000-07:002007-05-16T05:37:28.246-07:00MoAxB #16 Bonus: IE 6 PrecisionID Barcode ActiveX 1.9 0day (PrecisionID_Barcode.dll) Remote Arbitrary File Overwrite<span style="font-size:85%;"><span style="font-family: courier new;">Un bonus</span><br /><br /><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070516/precisionafo.html">Dimostrazione online</a><br /></span>Unknownnoreply@blogger.com2tag:blogger.com,1999:blog-3801485324556381326.post-88213003611554102802007-05-16T14:27:00.000-07:002007-05-16T05:26:47.095-07:00MoAxB #16: IE 6 PrecisionID Barcode ActiveX 1.9 0day (PrecisionID_Barcode.dll) Denail of Service<span style="font-size:85%;"><span style="font-family: courier new;">In data 14/05/2007 è stata rilasciata una nuova versione di questo ActiveX, la 1.9</span><br /><span style="font-family: courier new;">Come un altro componente dello stesso produttore, è soggetto ad uno stack-based buffer overflow che può consentire l'esecuzione di codice arbitrario sul pc di un utente.</span><br /><span style="font-family: courier new;">L'exploit è stato provato su IE6, testandolo su IE7 il browser smette di rispondere.</span><br /><br /><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070516/precision.html">Dimostrazione online</a><br /></span>Unknownnoreply@blogger.com27tag:blogger.com,1999:blog-3801485324556381326.post-59741534960690324842007-05-15T13:36:00.000-07:002007-05-15T04:35:40.239-07:00MoAxB #15: DB Software Laboratory DeWizardX (DEWizardAX.ocx) Remote Arbitrary File Overwrite<span style="font-size:100%;"><span style="font-family:courier new;">E' possibile, usando il metodo "SaveToFile" di questo ActiveX, sovrascrivere con dati random il contenuto</span> di file arbitrariamente.<br /><span style="font-family:courier new;">Tale operazione risulta rischiosa in quanto, modificando il contenuto di file come system.ini, si può compromettere il funzionamento del pc di un utente.<br /><br /><a href="http://www.shinnai.altervista.org/moaxb/20070515/dbsoftware.html">Dimostrazione online</a><br /></span></span>Unknownnoreply@blogger.com8tag:blogger.com,1999:blog-3801485324556381326.post-29840895591872673372007-05-14T13:15:00.000-07:002007-05-14T04:15:04.928-07:00MoAxB #14: Clever Database Comparer ActiveX version 2.2 Remote Buffer Overflow Exploit<span style="font-size:85%;">Questo ActiveX serve a comparare due database e il metodo "ConnectToDatabase" è vulnerabile a Buffer Overflow che consente l'esecuzione di codice arbitrario sul pc di un utente.<br /><br /><a href="http://www.shinnai.altervista.org/moaxb/20070514/clever.html">Dimostrazione online</a><br /><br />Contenuto dei registri al momento del crash:</span><span style="font-size:78%;"><br /></span><pre id="line1"><span style="font-size:78%;">12:58:35.492 pid=0570 tid=07FC EXCEPTION (first-chance)<br /> ----------------------------------------------------------------<br /> Exception C0000005 (ACCESS_VIOLATION reading [41414141])<br /> ----------------------------------------------------------------<br /> EAX=01D04141: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00<br /> EBX=41418282: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??<br /> ECX=01D0EA01: 41 41 41 41 41 41 41 41-41 41 41 41 41 41 41 41<br /> EDX=00000001: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??<br /> ESP=01D0E510: 58 DD 0A 03 41 41 41 41-41 41 41 41 00 00 14 00<br /> EBP=01D0E540: E0 EA D0 01 28 6F 93 03-41 41 41 41 58 DD 0A 03<br /> ESI=41414141: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??<br /> EDI=030ADD58: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00<br /> EIP=039316BC: 38 0E 74 1F 66 85 D2 6A-00 74 07 68 C8 32 95 03<br /> --> CMP [ESI],CL<br /> ----------------------------------------------------------------<br /><br />12:58:35.492 pid=0570 tid=07FC EXCEPTION (first-chance)<br /> ----------------------------------------------------------------<br /> Exception C0000005 (ACCESS_VIOLATION reading [41414141])<br /> ----------------------------------------------------------------<br /> EAX=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??<br /> EBX=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??<br /> ECX=41414141: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??<br /> EDX=7C9137D8: 8B 4C 24 04 F7 41 04 06-00 00 00 B8 01 00 00 00<br /> ESP=01D0E140: BF 37 91 7C 28 E2 D0 01-28 EC D0 01 44 E2 D0 01<br /> EBP=01D0E160: 10 E2 D0 01 8B 37 91 7C-28 E2 D0 01 28 EC D0 01<br /> ESI=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??<br /> EDI=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??<br /> EIP=41414141: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??<br /> --> N/A<br /> ----------------------------------------------------------------</span></pre>Unknownnoreply@blogger.com11tag:blogger.com,1999:blog-3801485324556381326.post-48925755071736392302007-05-13T11:45:00.000-07:002007-05-13T02:45:17.847-07:00MoAxB #13: ID Automation Linear Barcode ActiveX Control (IDAutomationLinear6.dll) v. 1.6.0.5 DoS<span style="font-size:85%;"><span style="font-family: courier new;">Altro ActiveX per barcode...</span><br /><br /><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070513/IDAutomation.html">Dimostrazione online</a><br /></span>Unknownnoreply@blogger.com12tag:blogger.com,1999:blog-3801485324556381326.post-90041058626724184842007-05-12T10:12:00.000-07:002007-05-12T01:12:16.133-07:00MoAxB #12: PrecisionID Barcode ActiveX (PrecisionID_DataMatrix.DLL) 1.3 Denail of Service<span style="font-size:85%;"><span style="font-family: courier new;">Un altro ActiveX col quale è possibile creare barcode. Come si può vedere, con l'exploit riusciamo a sovrascrivere EAX quindi non escludo la possibilità di esecuzione di codice arbitrario.</span><br /><br /><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070512/precision.html">Dimostrazione online</a><br /></span>Unknownnoreply@blogger.com9tag:blogger.com,1999:blog-3801485324556381326.post-91943325756654632692007-05-11T18:17:00.000-07:002007-05-11T09:16:04.621-07:00MoAxB #11 Bonus: GDivX Zenith Player AviFixer Class ActiveX BOF<span style="font-size:85%;"><span style="font-family: courier new;">Questo ActiveX viene distribuito col player in oggetto.</span><br /><br /><span style="font-family: courier new;">L'autore/scopritore del bug e </span><span style="font-weight: bold; font-family: courier new;">rgod</span><br /><br /><span style="font-family: courier new;">Ecco il link all'exploit:</span><br /><a style="font-family: courier new;" href="http://retrogod.altervista.org/ie_gdivx_activex_bof.html">http://retrogod.altervista.org/ie_gdivx_activex_bof.html</a><br /></span>Unknownnoreply@blogger.com1tag:blogger.com,1999:blog-3801485324556381326.post-71584162950170954592007-05-11T12:13:00.000-07:002007-05-11T09:17:00.379-07:00MoAxB #11: Morovia Barcode ActiveX Professional Arbitrary file overwrite<span style="font-size:85%;"><span style="font-family:courier new;">E' possibile, usando il metodo "Save" di questo ActiveX, sovrascrivere con dati random il contenuto</span> di file arbitrariamente.<br /><span style="font-family:courier new;">Tale operazione risulta rischiosa in quanto, modificando il contenuto di file come system.ini, si può compromettere il funzionamento del pc di un utente.</span><br /><br /><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070511/morovia.html">Dimostrazione online</a><br /></span>Unknownnoreply@blogger.com2tag:blogger.com,1999:blog-3801485324556381326.post-70706638818649339912007-05-10T14:04:00.000-07:002007-05-10T05:03:49.761-07:00MoAxB #10: RControl.dll v. 1.2.1.0 Denial of Service Exploit<span style="font-size:85%;"><span style="font-family:courier new;">Anche questo controllo è un VNC manager e anche questo è vulnerabile a stack overflow.</span><br /><span style="font-family:courier new;">Giostrando la lunghezza della stringa si possono controllare di volta in volta diversi registri, quindi non escludo la possibilità di esecuzione di codice arbitrario.</span><br /><br /><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070510/rControl.html">Dimostrazione Online</a><br /><br /><a style="font-family: courier new;" href="http://www.shinnai.altervista.org/moaxb/20070510/rControl.txt">Formato testo</a><br /><br /><span style="font-family:courier new;">P.S.</span><br /><span style="font-family:courier new;">Se si prova con una stringa inferiore a 4000 caratteri si verifica uno strano crash. Sembra un heap overflow nella ntdll.dll ma non ne sono sicuro e non ho tempo di indagare a fondo :)</span></span>Unknownnoreply@blogger.com7tag:blogger.com,1999:blog-3801485324556381326.post-42200307108851134202007-05-09T10:18:00.000-07:002007-05-09T01:19:03.196-07:00MoAxB #09: BarCodeWiz ActiveX Control 2.0 (BarcodeWiz.dll) Remote Buffer Overflow Exploit<span style="font-size:85%;"><span style="font-family: courier new;">Questo controllo consente di creare, visualizzare e stampare codici a barre. Il metodo "verify" di questo controllo è vulnerabile a buffer overflow grazie al quale il registro EIP viene sovrascritto dando la possibilità di eseguire codice arbitrario.</span><br /><br /><a href="http://www.shinnai.altervista.org/moaxb/20070509/barcodewiz.html"><span style="font-family: courier new;">Dimostrazione online</span></a><br /><br /><a href="http://www.shinnai.altervista.org/moaxb/20070509/barcodewiz.txt"><span style="font-family: courier new;">Formato txt</span></a><br /><br /><span style="font-family: courier new;">Ecco la situazione dei registri al momento del crash:</span><br /><br /><span style="font-size:78%;"><span style="font-family: courier new;">14:39:21.000 pid=1244 tid=1534 EXCEPTION (first-chance)</span><br /><span style="font-family: courier new;"> ----------------------------------------------------------------</span><br /><span style="font-family: courier new;"> Exception C0000005 (ACCESS_VIOLATION reading [61616239])</span><br /><span style="font-family: courier new;"> ----------------------------------------------------------------</span><br /><span style="font-family: courier new;"> EAX=61616161: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??</span><br /><span style="font-family: courier new;"> EBX=03558474: 41 00 41 00 41 00 41 00-41 00 41 00 41 00 41 00</span><br /><span style="font-family: courier new;"> ECX=01D1E375: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00</span><br /><span style="font-family: courier new;"> EDX=01D1F020: 41 41 41 41 41 41 41 41-41 41 41 41 41 41 41 41</span><br /><span style="font-family: courier new;"> ESP=01D1F014: 00 00 00 00 1C 0A 57 03-70 1B EB 03 41 41 41 41</span><br /><span style="font-family: courier new;"> EBP=01D1F420: 41 41 41 41 41 41 41 41-61 61 61 61 41 41 41 41</span><br /><span style="font-family: courier new;"> ESI=770F4C3B: 8B FF 55 8B EC 8B 45 08-85 C0 74 05 8B 40 FC D1</span><br /><span style="font-family: courier new;"> EDI=01D1F010: 7C 9E 55 03 00 00 00 00-1C 0A 57 03 70 1B EB 03</span><br /><span style="font-family: courier new;"> EIP=03E9F9C6: 8B 88 D8 00 00 00 52 8B-01 FF 50 0C 85 C0 8B 45</span><br /><span style="font-family: courier new;"> --> MOV ECX,[EAX+000000D8]</span><br /><span style="font-family: courier new;"> ----------------------------------------------------------------</span><br /><br /><span style="font-family: courier new;">14:39:21.000 pid=1244 tid=1534 EXCEPTION (first-chance)</span><br /><span style="font-family: courier new;"> ----------------------------------------------------------------</span><br /><span style="font-family: courier new;"> Exception C0000005 (ACCESS_VIOLATION reading [62626262])</span><br /><span style="font-family: courier new;"> ----------------------------------------------------------------</span><br /><span style="font-family: courier new;"> EAX=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??</span><br /><span style="font-family: courier new;"> EBX=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??</span><br /><span style="font-family: courier new;"> ECX=62626262: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??</span><br /><span style="font-family: courier new;"> EDX=7C9137D8: 8B 4C 24 04 F7 41 04 06-00 00 00 B8 01 00 00 00</span><br /><span style="font-family: courier new;"> ESP=01D1EC44: BF 37 91 7C 2C ED D1 01-94 F8 D1 01 48 ED D1 01</span><br /><span style="font-family: courier new;"> EBP=01D1EC64: 14 ED D1 01 8B 37 91 7C-2C ED D1 01 94 F8 D1 01</span><br /><span style="font-family: courier new;"> ESI=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??</span><br /><span style="font-family: courier new;"> EDI=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??</span><br /><span style="font-family: courier new;"> EIP=62626262: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??</span><br /><span style="font-family: courier new;"> --> N/A</span><br /><span style="font-family: courier new;"> ----------------------------------------------------------------</span></span></span>Unknownnoreply@blogger.com15