Buffer overflow in Microsoft Office Excel allows remote attackers to execute arbitrary code via a crafted .SLK file. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
This module exploits a buffer overflow on Microsoft Office Excel when parsing a malformed .XLS file.
This module exploits a vulnerability in Microsoft Excel 2003 SP2 and earlier when parsing a malformed xls file. The module will send an e-mail with an attached .xls file. This file will deploy an agent when opened by the user.
This module exploits a buffer overflow on Microsoft Office Excel when parsing a malformed .XLS file.
Buffer overflow in Microsoft Office Excel allows remote attackers to execute arbitrary code via a crafted .XLS file with a malformed HFPicture (0x866) record. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
A remote code execution vulnerability exists in the way that Microsoft Office Excel handles specially crafted Excel files that include a malformed record object. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
This module exploits a stack corruption in the DirectShow Quicktime Movie parser in quartz.dll of Microsoft DirectX. This module runs a web server waiting for vulnerable clients (Internet Explorer 6 or 7) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
Microsoft Address Book is prone to a vulnerability that may allow execution of wab32res.dll if this dll is located in the same folder than .WAB file. The attacker must entice a victim into opening a specially crafted .WAB file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.
This module exploits an arbitrary file download vulnerability in the Snapshot Viewer ActiveX Control included in Microsoft Access. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module exploits a vulnerability in MicroP which is caused due to a boundary error in the processing of mppl files. This can be exploited to cause a stack-based buffer overflow when a specially crafted file is opened This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.