[framework] ie_createobject exploit
G Portokalidis
georgios.portokalidis at gmail.com
Thu Nov 30 09:01:41 CST 2006
Hello all,
I have been trying some of the exploits against a Windows XP SP2 (no
updates since release) target.
When I try the ie_createobject exploit everything seems to be working
fine, a file is downloaded in c:\windows\prefetch, but an error occurs
when trying to execute that file, which I assume actually contains the
payload.
What I am more interested in is how this exploit works. I've been
browsing the net, but all I could find is "unspecified vulnerability"
that allows executing arbitrary code.
Does anyone have any additional information?
Is it an overflow (stack, heap), or a design flaw that simply allows
remote users to save and execute code?
This is of special interest to me, since I am trying to figure out why
this evades detection from the Argos emulator
(www.few.vu.nl/argos).
Is it possible that the Windows version I am using is not vulnerable
(it seems to be)?
I am running MDAC v 2.81.1117. MS says Windows XP SP2 with MDAC v2.8
is vulnerable, I am not sure whether mine falls into that category.
Thanks,
George