McAfee Subscription Manager ActiveX Exploit

This module exploits a buffer overflow vulnerability in the McAfee Subscription Manager (MCSUBMGR.DLL) ActiveX control. The exploit is triggered when the IsOldAppInstalled () method processes an overly long string argument allowing remote attackers to execute arbitrary code. This client-side exploit is dependent on a user visiting a malicious web-site hosted by CORE IMPACT to distribute the exploit and install an agent.
Exploit type: 
Vulnerabilty ID: 
Released Date: 
Wednesday, June 20, 2007 - 19:00