This module exploits a vulnerability in Java QuickTime (QtJava.dll), specifically the routine toQTPointer() exposed through quicktime.util.QTHandleRef. A lack of sanity checking on the parameters passed to this routine, through the Java Virtual Machine (JVM), allows an attacker to write arbitrary values to memory. This module runs a web server waiting for vulnerable clients (Opera, Firefox and Internet Explorer on Windows, and Safari on Mac OS X) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
A buffer overflow occurs when QuickTime fails to properly handle the data length for certain atoms, such as 'rdrf' or 'dref', in the Alis record while loading a specially crafted .MOV file. This module runs a web server waiting for vulnerable clients (Internet Explorer 8) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module runs a web server waiting for vulnerable clients to connect to it. When the client connects, it will try to install an agent by exploiting a vulnerability in ATSServer through Quicklook/Safari/Apple Mail/Preview, which allows user-assisted remote attackers to execute code via a crafted PDF file that triggers memory corruption and overwrites a subroutine pointer during rendering. The module will send an e-mail with an attached .pdf file. This file will deploy an agent when opened by the user. Additionally, the module will allow users to download the malformed .pdf file from Core Impact's Web Server. Also, this module can drop a specially crafted PDF file in a local folder of the user's choice. This file can later be placed in a shared folder. Exploitation will occur in the first case just by visiting the folder in which the file is stored.
Apple iTunes is prone to a buffer-overflow vulnerability when handling playlists because the software fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer. This module runs a web server waiting for vulnerable clients to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module exploits a vulnerability in Apple iTunes caused by a boundary error in the processing of m3u files. This can be exploited to cause a stack-based buffer overflow when a specially crafted file is opened. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.
The application is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Specifically, this issue occurs when a long ITMS URI is supplied to the Firefox browser, which redirects the request to Apple iTunes. An attacker can exploit this issue by enticing a vulnerable user into connecting to a malicious HTTP server or opening a specially crafted URI that contains an excessively long hostname. This module runs a web server waiting for vulnerable clients (Apple iTunes in Mozilla Firefox) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module exploits a vulnerability in AmpX.dll included in the AOL Radio ActiveX application. The exploit is triggered when the IWinAmpActiveX.ConvertFile() method processes a long string argument resulting in a stack-based buffer overflow. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
A buffer overflow in AOL Desktop allows an attacker to execute arbitrary code via a crafted .RTX file. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
This module exploits a vulnerability in the PWButtonXControl1.ocx control included in the Anzio Web Print Object application. The exploit is triggered when the mainuri property processes a long string argument resulting in a stack-based buffer overflow. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.