This module runs a web server waiting for vulnerable clients to connect to it. When the client connects, it will try to install an agent by instantiating the "iim" uri handler with a malicious DLL (impact.dll) as parameter.
A malformed NFX document allows an attacker to execute arbitrary code. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
A stack-based buffer overflow in IBM Forms Viewer allows an attacker to execute arbitrary code via an specially crafted a .XFDL file. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
This module exploits a vulnerability in IBM Access Support Control (IbmEgath.dll). When the GetXMLValue method process a long string argument, a stack based buffer overflow occurs. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module exploits a vulnerability in the HyleosChemView.ocx control included in the Hyleos ChemView ActiveX application. The exploit is triggered when the OpenURL() method processes a long string argument resulting in a stack-based buffer overflow. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module exploits a stack-based buffer overflow in the HTML Email Creator application by sending or creating mails, with malformed HTML tags.
HT-MP3Player contains a buffer prone to exploitation when handling .HT3 files, which can be exploited to cause a stack-based buffer overflow via a specially crafted .HT3 file. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
This module exploits a vulnerability in ContentMan.dll included in the HP Photo Creative application. The exploit is triggered when the CRecord() method processes a long string argument resulting in a stack-based buffer overflow. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module exploits a vulnerability in XUpload.ocx included in the HP LoadRunner application. The exploit is triggered when the AddFile() method processes a long string argument resulting in a stack-based buffer overflow. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
HP LoadRunner contains an overflow condition in the MicWebAjax ActiveX control. The issue is triggered as user-supplied input is not properly validated during the handling of a malformed website that calls the aforementioned ActiveX control. This may allow a context-dependent attacker to cause a buffer overflow and allowing the execution of arbitrary code. This module runs a web server waiting for vulnerable clients (Internet Explorer 6 and 7 ) in Windows XP to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.