A Buffer Overflow exists in AllPlayer when parsing .m3u files. The vulnerability is caused due to a boundary error when handling a crafted .m3u files.
Microsoft Office is prone to a memory corruption vulnerability that occurs because it fails to perform adequate boundary checks on user-supplied data via a crafted .RTF document. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
This module exploits a buffer overflow on Sync Breeze Formats plugin when parsing a specially crafted .XML file. After the file is downloaded, the user must open it from the application, clicking on the Command option in the menu bar (or right clicking in the middle window), then choosing Import Command ... and selecting the file.
Cisco WebEx Network Recording Player is prone to a vulnerability that may allow execution of ATTRAC32.DLL if this module is located in the same folder than .ARF file.
This module exploits a buffer overflow on IrfanView Formats plugin when parsing a specially crafted .XCF file.
This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
A stack-based buffer overflow in WECON LeviStudio HMI Editor allows an attacker to execute arbitrary code via crafted .UMP file. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
This module exploits a vulnerability in Microsoft Office Word. The flaw is related in how Microsoft Word parses SOAP WSDL links. It is possible to open a RTF file and execute arbitrary code in vulnerable installations of Microsoft Office Word.
This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.