This module exploits a buffer overflow vulnerability in the Image22 ActiveX Control. The exploit is triggered when the DrawIcon() method processes a long string argument resulting in a stack-based buffer overflow. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
Exploit Platform
Exploit Type
Product Name