Sorax PDF Reader is prone to a vulnerability that may allow the execution of any library file named dwmapi.dll, if this dll is located in the same folder than a .PDF file. The attacker must entice a victim into opening a specially crafted .HEX file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.
Sony Sound Forge Pro is prone to a vulnerability that may allow the execution of any library file named MtxParhVegasPreview.dll, if this dll is located in the same folder as a .SFW file. The attacker must entice a victim into opening a specially crafted .SFW file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.
SolarWinds Application Monitor suffers from an ActiveX heap overflow. The vulnerability is caused due to an error when handling the "PEstrarg1" member within the bundled GigaSoft ProEssentials PieChart ActiveX control (Pesgo32c). This module runs a web server waiting for vulnerable clients (Internet Explorer 6, 7, 8) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
The specific flaw exists within the factory object's loadExtensionFactory method. The issue lies in a failure to validate the size of an attacker-supplied input before copying it into a fixed-size buffer on the stack. An attacker can leverage this vulnerability to execute code under the context of the current process. This module runs a web server waiting for vulnerable clients (Internet Explorer 6, 7, 8, 9) to connect to it.
SolarWinds Application Monitor suffers from an ActiveX heap overflow. The vulnerability is caused due to an error when handling the "PEstrarg1" member within the bundled GigaSoft ProEssentials PieChart ActiveX control (pepco32c.ocx). This module runs a web server waiting for vulnerable clients (Internet Explorer 6, 7 or 8) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module exploits a buffer overflow vulnerability in the Extras Manager ActiveX Control included in Skype. This bug is currently being exploited in the wild. This module runs a web server waiting for vulnerable clients (Internet Explorer 6 or 7) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
Sketchup fails to validate the input when parsing an embedded MAC Pict texture, leading to an arbitrary stack offset overwrite and finally to an arbitrary code execution. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
SiSoftware Sandra is prone to a vulnerability that may allow the execution of any library file named dwmapi.dll, if this dll is located in the same folder than a .SIS file. The attacker must entice a victim into opening a specially crafted .SIS file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.
Silo is prone to a vulnerability that may allow the execution of any library file named wintab32.dll, if this dll is located in the same folder than a .SIB file. The attacker must entice a victim into opening a specially crafted .SIB file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.
Subscribe to Client Side