Creative Software AutoUpdate ActiveX Exploit Update

This module exploits a vulnerability in the CTSUEng.ocx control included in the Creative Software AutoUpdate application. The exploit is triggered when the CacheFolder property processes a long string argument resulting in a stack-based buffer overflow. This module runs a malicious web site on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. This update add support till 2.0.12.0 version of CTSUEng.ocx.
Exploit type: 
Platform: 
Vulnerabilty ID: 
CVE-2008-0955
Product Version: 
10.0
Released Date: 
Wednesday, April 7, 2010 - 00:00