A code execution vulnerability exists in the way that VLC handles specially crafted .AMV files when opening in Internet Explorer 6 or 7 This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
The vulnerability is due to an error while parsing Parts field in ABC files which can result in an integer overflow in the libmodplug library used by VLC Media Player. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.
This module exploits a vulnerability in the PDWizard.ocx of the Visual Studio application. The module will run a malicious website in the Core Impact console and wait for a user to connect and trigger the exploit. This module runs a web server waiting for vulnerable clients (Internet Explorer 5 or 6) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
The vulnerability is caused due to a boundary error in VisiWave Site Survey Report when handling report files. This can be exploited to cause a stack based buffer overflow via a specially crafted .VWR file. This module bypass DEP using ROP techniques. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
A stack-based buffer overflow occurs when you pass to "strFontName" parameter a string overly long than 24 bytes which leads into EIP overwrite allowing the execution of arbitrary code in the context of the logged on user. This happens because an inadequate space is stored into the buffer intended to receive the font name.
VideoSpirit Pro is prone to a buffer overflow when parsing a .VISPRJ project file that contains an overly long "MP3" value. The vulnerability is caused due to a wrong check of the data before it is passed to strcpy(). This can be exploited to cause a stack-based buffer overflow via a specially crafted .VISPRJ file. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
The vulnerability is caused due to a boundary error in VideoCharge Studio when handling .VSC files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .VSC file. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
VideoCharge Studio is prone to a vulnerability that may allow execution of dwmapi.dll if this dll is located in the same folder than a .VSC file. The attacker must entice a victim into opening a specially crafted .VSC file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.
This module exploits a vulnerability in the UFileUploaderD.dll control included in the HTTP File Upload ActiveX Control. The exploit is triggered when the AddFile() method processes a long string argument resulting in a stack-based buffer overflow. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module exploits a heap-based buffer overflow in VBE.DLL and VBE6.DLL of Microsoft Visual Basic for Applications (VBA) SDK 5.0 through 6.3, via a document with a long ID parameter.