KingView is prone to a stack based buffer overflow when opening specially crafted KVL files (log files). This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
Kingsoft Writer is prone to a buffer-overflow vulnerability that occurs because it fails to perform adequate boundary checks on user-supplied data via a crafted .DOC document. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
Kingsoft Writer is prone to a Buffer Overflow when handling font names via a specially crafted WPS file with an overly long font name. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
Kingsoft Writer 2010 is prone to a vulnerability that may allow execution of plgpf.dll if this dll is located in the same folder than .WPS file. The attacker must entice a victim into opening a specially crafted .WPS file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.
Kingsoft Writer is prone to a buffer-overflow vulnerability that occurs because it fails to perform adequate boundary checks on user-supplied data via a crafted .WPS document. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
KeePass Password Safe is prone to a vulnerability that may allow the execution of any library file named dwmapi.dll, if this dll is located in the same folder than a .KDBX file. The attacker must entice a victim into opening a specially crafted .KDBX file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.
The vulnerability is caused due to a boundary error within the parsing of .SSA files, this can be exploited to cause a stack-based buffer overflow via a .SSA file with an overly long file string. Kantaris uses a vulnerable library that was originally shipped by VideoLAN VLC 0.8.6d. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
This module exploits a XSS vulnerability in JOnAS which allows CORE Core Impact to perform remote command injection impersonating an administrator and uploading a plugin to the JOnAS server. This module runs a web server waiting for a JOnAS administrator to connect to it. When the client connects, it will retrieve the JOnAS administrator cookie and try to install an agent on the JOnAS server by installing a custom plugin in JOnAS.
This module exploits a vulnerability in the JetAudio ActiveX Control (JetFlExt.dll). The exploit is triggered when a special string argument is processed by the DownloadFromMusicStore() method resulting in a stack-based buffer overflow. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
Subscribe to Windows