The vulnerability is caused due to a boundary error when processing malformed ASX playlist files. This can be exploited to cause a stack-based buffer overflow tricking a user into opening a specially crafted playlist file containing a ref tag with an overly long href attribute.
This module exploits a vulnerability in Microsoft Jet Database (msjet40.dll) through a Microsoft Word document. The vulnerability is caused due to a boundary error in msjet40.dll within the processing of MDB files. This can be exploited to cause a stack-based buffer overflow when a specially crafted file is opened.
This update corrects documentation.
This update corrects documentation.
When the method WmfEnumState::DibCreatePatternBrush in the GDI Plus library processes a WMF file with a malformed CreatePatternBrush record, this produces a stack overflow.
BlazeDVD is prone to a remote memory-corruption vulnerability because the application fails to handle malformed playlist files.
Acoustica Mixcraft is prone to a buffer-overflow vulnerability in the handling of .MX4 project files, because the application fails to bounds-check user-supplied data, before copying it into an insufficiently sized buffer.
This module exploits a vulnerability in Adobe Reader and Adobe Acrobat Professional .PDF files. The vulnerability is caused due to boundary errors in collectEmailInfo() method in EScript.api. This can be exploited to cause a stack-based buffer overflow when a specially crafted PDF file is opened.
This update adds support for Mac OS X 10.4.x and 10.5.x.
This update adds support for Mac OS X 10.4.x and 10.5.x.
This module exploits a stack-based buffer overflow in the wmex.dll ActiveX Control included in Microsoft Windows Media Encoder 9.
This module exploits a heap overflow vulnerability in the OpenColorProfileW function of mscms.dll through a malformed EMF file embedded in an HTML file.
This module exploits a stack-based buffer overflow in the wmex.dll ActiveX Control included in Microsoft Windows Media Encoder 9.
This module exploits a stack-based buffer overflow in the msmask32.ocx ActiveX Control included in Microsoft Visual Studio 6.
This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.