IBM Lotus iNotes ActiveX control dwa85W.dll is vulnerable to a buffer overflow via a long argument passed to the Attachment_Times method. This module runs a web server waiting for vulnerable clients (Internet Explorer 6 or 7) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module runs a web server waiting for vulnerable clients to connect to it. When the client connects, it will try to install an agent by instantiating the "iim" uri handler with a malicious DLL (impact.dll) as parameter.
A malformed NFX document allows an attacker to execute arbitrary code. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
A stack-based buffer overflow in IBM Forms Viewer allows an attacker to execute arbitrary code via an specially crafted a .XFDL file. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
This module exploits a vulnerability in IBM Access Support Control (IbmEgath.dll). When the GetXMLValue method process a long string argument, a stack based buffer overflow occurs. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module exploits a vulnerability in the HyleosChemView.ocx control included in the Hyleos ChemView ActiveX application. The exploit is triggered when the OpenURL() method processes a long string argument resulting in a stack-based buffer overflow. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module exploits a stack-based buffer overflow in the HTML Email Creator application by sending or creating mails, with malformed HTML tags.
HT-MP3Player contains a buffer prone to exploitation when handling .HT3 files, which can be exploited to cause a stack-based buffer overflow via a specially crafted .HT3 file. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
This module exploits a vulnerability in ContentMan.dll included in the HP Photo Creative application. The exploit is triggered when the CRecord() method processes a long string argument resulting in a stack-based buffer overflow. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module exploits a vulnerability in XUpload.ocx included in the HP LoadRunner application. The exploit is triggered when the AddFile() method processes a long string argument resulting in a stack-based buffer overflow. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.