There is a buffer overflow in lasr.dll when parsing an AMI Pro document(.sam) file. The unsafe lstrcpy() function is used to copy each line read from the file into fixed sized stack and heap buffers, with no length checks being performed. Hence, it is possible to create an AMI Pro file that contains overly long lines that will trigger the buffer overflow when viewed within Lotus Notes.



In order to exploit this vulnerability successfully, the user must be convinced to view a malicious AMI Pro document file attachment using the built-in viewer in Lotus Notes.

This module exploits a vulnerability in Visual Basic 6 .vbp files. The vulnerability is caused due to boundary error in VB6.EXE within the processing of VBP archives. This can be exploited to cause a stack-based buffer overflow when a specially crafted file is opened.



Supported systems:

- Windows XP Professional - sp2 (i386)

Visual Basic Enterprise 6.0

This module exploits a vulnerability caused due to a boundary error in the ierpplug.dll of the Real Player application. This module runs a malicious web site on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.

This package updates the Apple QuickTime Java toQTPointer code execution exploit module.

This module exploits a vulnerability caused due to a boundary error in the Microsoft Agent ActiveX control (agentdpv.dll) when handling specially crafted URLs passed as argument to a certain unspecified method.



This package improves the reliability of the exploit.

This module exploits a vulnerability in Adobe Reader and Acrobat 8.0.1 and earlier on systems with Internet Explorer 7 installed.

This module exploits a vulnerability on Kodak Image Viewer, formerly known as Wang Image Viewer, handles specially crafted images files.

WARNING: This is an early release module.

This is not the final version of this module. It is a pre-released

version in order to deliver a module as quickly as possible to our

customers that may be useful in some situations. Since this module is

not the final version it may contain bugs or have limited functionality

and may not have complete or accurate documentation.

Buffer overflow in the Live Picture Corporation DXSurface.LivePicture.FlashPix.1 (DirectTransform FlashPix) ActiveX control in DXTLIPI.DLL 6.0.2.827, as packaged in Microsoft DirectX Media 6.0 SDK, allows remote attackers to execute arbitrary code via a long SourceUrl property value.

This module exploits a vulnerability in the SQLDMO.DLL control included in the Microsoft SQL Server application. The exploit is triggered when the Start() method processes a long string argument resulting in a stack-based buffer overflow. This module runs a malicious web site on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.

This update adds support for Mac OS X, Windows 2000 and Windows 2003 platforms and support for 0.86 and 0.86a versions of VLC.