Daemon Tools Lite is prone to a vulnerability that may allow execution of MFC80LOC.DLL if this DLL is located in the same folder as the .MDS file. The attacker must entice a victim into opening a specially crafted .MDS file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.
This module exploits a vulnerability in Cytel StatXact. The vulnerability is caused by a boundary error in the processing of .CY3 project files. This can be exploited to cause a stack-based buffer overflow when a specially crafted .CY3 file is opened. This module runs a malicious website on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the website.
This module exploits a vulnerability in Cytel LogXact. The vulnerability is caused by a boundary error in the processing of .CY3 project files. This can be exploited to cause a stack-based buffer overflow when a specially crafted .CY3 file is opened. This module runs a malicious website on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the website.
This module exploits a vulnerability in the ChartFX.ClientServer.Core.dll module included in the CYME ChartFX application. The exploit is triggered when the ShowPropertiesDialog() method processes a crafted argument, resulting in memory corruption. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. This module runs a web server waiting for vulnerable clients (Internet Explorer 6 and 7) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
CyberLink Power Director is prone to a vulnerability that may allow the execution of any library file named dwmapi.dll if this DLL is located in the same folder as a .PDL file. The attacker must entice a victim into opening a specially crafted .PDL file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.
CyberLink Power2Go is prone to a vulnerability that may allow the execution of any library file named dwmapi.dll if this DLL is located in the same folder as a .P2G file. The attacker must entice a victim into opening a specially crafted .P2G file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.
A buffer overflow exists in Csound when it tries to import a malicious hetro file in tabular format. For exploitation to succeed, the user must import the malicious file through csound with a console command like: csound -U het_import project.csd file.het. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
This module exploits a heap-based buffer overflow vulnerability in the PrintControl module included in the Crystal Reports Viewer application. The exploit is triggered when the ServerResourceVersion property processes a crafted argument. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. This module runs a web server waiting for vulnerable clients (Internet Explorer 6, 7, 8 and 9) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module exploits a vulnerability in the CTSUEng.ocx control included in the Creative Software AutoUpdate application. The exploit is triggered when the CacheFolder property processes a long string argument, resulting in a stack-based buffer overflow. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.