VDA Labs

IE7_LinkedIn_PoC.html

 

LinkedIn Toolbar Remote (Client side) Exploit

----------------------------------------------------

Version: 3.0.2.1098 (LinkedInIEToolbar.dll)

 

How to Exploit

-----------------

If a user, with the LinkedIn toolbar installed, is tricked into browsing a website that contains the above code -- game over. However, this Proof of Concept (PoC) code merely pops up the calc.exe application. The PoC was tested on XPSP2. Reliability was not tweaked as this is just a proof.

 

Discovered and Exploited By

---------------------------------

Jared DeMott and Justin Seitz, VDA Labs