This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by instancing DXTLIPI.DLL and setting the SourceUrl property to trigger a buffer overflow, overwriting a function pointer to install an agent.
CVE Link
Exploit Platform
Exploit Type
Product Name