Chasys Media Player contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in Chasys Media Player when handling .M3U or .PLS files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .M3U or .PLS file. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
The vulnerability is caused due to a boundary error within flt_BMP.dll when processing BMP images and can be exploited to cause a stack-based buffer overflow via specially crafted "biPlanes" and "biBitCount" fields. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
This module exploits a vulnerability in the ListCtrl ActiveX Control (ListCtrl.ocx) used CA BrightStor ARCserve Backup. The exploit is triggered when a long string argument is processed by the AddColumn() method resulting in a stack-based buffer overflow. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
CastRipper contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in CastRipper when handling .PLS files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .PLS file. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
Camtasia Studio is prone to a vulnerability that may allow the execution of any library file named mfc90enu.dll, if this dll is located in the same folder than a .CMMP file. The attacker must entice a victim into opening a specially crafted .CMMP file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.
This module exploits a vulnerability caused by a boundary error in the processing of RDP files. This can be exploited to cause a stack-based buffer overflow by tricking a user into decoding a specially crafted RDP file. This module runs a malicious web server on the Core Impact Console and waits for unsuspecting users to trigger the exploit by connecting to it.
BulletProof FTP Client contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in BulletProof FTP Client when handling .BPS files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .BPS file. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
BS Player contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error when handling crafted .BSL files. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
The vulnerability is caused due to a boundary error within the parsing of .SFS files, this can be exploited to cause a stack-based buffer overflow via a .SFS file with an overly long file string. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
Subscribe to Client Side