This module exploits a vulnerability in AmpX.dll included in the AOL Radio ActiveX application. The exploit is triggered when the IWinAmpActiveX.ConvertFile() method processes a long string argument resulting in a stack-based buffer overflow. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
Exploit Platform
Exploit Type
Product Name