This module exploits a stack overflow in library DCCFAXVW.DLL of Symantec WinFax Pro. When passing an overly long string to the AppendFax() method, arbitrary code may be executed. A web server is launched at Core Core Impact Console to wait for vulnerable clients (Internet Explorer) connections. When that happens, the module will try to install an agent on the client's host system by exploiting the mentioned vulnerability.
CVE Link
Exploit Platform
Exploit Type
Product Name