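A note on testing this vulnerability: the flaw occurs when Office opens a WPS-format file and converts it, so the converter needs to be installed. However, when I installed Office 2003, the converter was installed by default. To test, first open Office and then select the generated .wps file (or right-click the generated file and choose to open it with winword).
I added support for Simplified Chinese and Traditional Chinese systems; tested successfully on Windows XP SP2 + Microsoft Office 2003 SP2! - wps2 overflow C code ... hope to be useful to you (Test environment is Windows XP SP2 + Microsoft Office 2003 SP2)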