This module exploits a buffer overflow vulnerability in the NSEPA.NsepaCtrl.1 ActiveX control in Nsepa.ocx in Citrix Access Gateway Enterprise Edition. When the control processes a crafted HTTP header data, a stack based buffer overflow occurs allowing execution of arbitrary code.
IBM Rational ClearQuest ActiveX control Cqole.dll is vulnerable to a buffer overflow, caused by a function prototype mismatch in the RegisterSchemaRepoFromFileByDbSet() function.
The CrazyTalk4Native.dll bundled with Dell Webcam Central is prone to a buffer overflow which is exploited by this module.
ASUS Net4Switch is prone to an overflow condition related to the ActiveX component ipswcom.dll. The CxDbgPrint()function (cxcmrt.dll) fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted message string passed to the Alert() method, a remote attacker can potentially execute arbitrary code.
Microsoft Windows does not properly handle OLE objects in memory, which allows remote attackers to execute arbitrary code via a crafted object within a file.
A Stack-based buffer overflow in VideoLAN VLC media player allows remote attackers to execute arbitrary code via a crafted MMS:// stream.
OpenKM allows administrative users (those having the AdminRole) to run bean shell scripts. Due to this permission an attacker could lure an OpenKM administrator to a malicious web page that causes arbitrary OS commands to run in the administrators OpenKM session context.
This update adds support to Microsoft Windows XP with the MS12-034 patch installed.
This module exploits a Windows kernel vulnerability by loading a fake keyboard layout through a call to "NtUserLoadKeyboardLayoutEx" function with crafted parameters.
When the keyboard layout is processed by win32k.sys, it produces a kernel heap memory corruption.
This module exploits a Windows kernel vulnerability by loading a fake keyboard layout through a call to "NtUserLoadKeyboardLayoutEx" function with crafted parameters.
When the keyboard layout is processed by win32k.sys, it produces a kernel heap memory corruption.
Shadow Stream Recorder is prone to a remote stack-based buffer-overflow vulnerability because the applications fail to perform adequate boundary checks on user-supplied input.
This module exploits a stack-based buffer overflow in the MSCOMCTL.OCX control by sending a specially crafted .RTF file.
This update fixes an issue in the agent connector.
This update fixes an issue in the agent connector.