VDA Labs




LinkedIn Toolbar Remote (Client side) Exploit


Version: (LinkedInIEToolbar.dll)


How to Exploit


If a user, with the LinkedIn toolbar installed, is tricked into browsing a website that contains the above code -- game over. However, this Proof of Concept (PoC) code merely pops up the calc.exe application. The PoC was tested on XPSP2. Reliability was not tweaked as this is just a proof.


Discovered and Exploited By


Jared DeMott and Justin Seitz, VDA Labs



Copyright VDA Labs, LLC. All rights reserved.