Maya Studio EO Video contains a buffer overflow that is triggered by an overly long string. The vulnerability is caused by a boundary error when handling .EOP files. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
The buffer overflow occurs within lasr.dll when parsing an AMI Pro document (.sam) file. In several places within the DLL, the unsafe "lstrcpy()" function is used to copy each line read from the file into fixed-size stack and heap buffers. There are no length checks before the string copy is performed, so an AMI Pro file containing overly long lines triggers the buffer overflow when it is viewed within Lotus Notes.
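The lstrcpy() pattern described above, as an added illustration in C; this is neither Core Impact's module code nor the lasr.dll code. strcpy() stands in for Win32 lstrcpy(), the 64-byte destination buffer and the constructed .sam-style document are assumptions, and the unsafe routine is shown next to a bounded replacement that rejects any line that does not fit its buffer.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define LINE_BUF 64   /* assumed size of the fixed destination buffer */

/* The unsafe pattern described for lasr.dll. strcpy() stands in for Win32
 * lstrcpy(): neither consults the destination size, so a line of LINE_BUF or
 * more bytes writes past the end of dst. Shown for contrast, never called. */
void copy_line_unsafe(char dst[LINE_BUF], const char *line)
{
    strcpy(dst, line);
}

/* Hardened copy: refuse any line that does not fit together with its NUL.
 * Returns 0 on success, -1 when the line is rejected. */
static int copy_line_checked(char *dst, size_t dstsz, const char *line, size_t len)
{
    if (len >= dstsz)
        return -1;                  /* over-long line: reject, do not truncate */
    memcpy(dst, line, len);
    dst[len] = '\0';
    return 0;
}

/* Walk the document line by line, copying each into a fixed stack buffer with
 * the checked routine. Returns the number of lines accepted and stores the
 * number refused for being too long in *rejected. */
static int parse_lines(const char *doc, size_t *rejected)
{
    char buf[LINE_BUF];
    int accepted = 0;

    *rejected = 0;
    while (*doc) {
        const char *nl = strchr(doc, '\n');
        size_t len = nl ? (size_t)(nl - doc) : strlen(doc);
        if (copy_line_checked(buf, sizeof buf, doc, len) == 0)
            accepted++;
        else
            (*rejected)++;
        if (!nl)
            break;
        doc = nl + 1;
    }
    return accepted;
}

/* Constructed AMI Pro style document: four ordinary header lines followed by
 * one line of long_len 'A' bytes, the shape of a malicious .sam file.
 * The caller frees the result. */
static char *make_sample_sam(size_t long_len)
{
    const char *head = "[ver]\n\t4\n[sty]\n\tDefault\n";
    size_t hl = strlen(head);
    char *doc = malloc(hl + long_len + 2);

    if (!doc)
        return NULL;
    memcpy(doc, head, hl);
    memset(doc + hl, 'A', long_len);
    doc[hl + long_len] = '\n';
    doc[hl + long_len + 1] = '\0';
    return doc;
}

int main(void)
{
    size_t rejected;
    char *doc = make_sample_sam(300);

    if (!doc)
        return 1;
    int accepted = parse_lines(doc, &rejected);
    printf("accepted %d line(s), rejected %zu over-long line(s)\n", accepted, rejected);
    free(doc);
    return 0;
}
```

The checked copy rejects rather than truncates: silently cutting a format line such as a style or layout record would change what the document means, and a line that cannot fit a buffer the format never expected to overflow is better treated as malformed input.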
A stack-based buffer overflow occurs when parsing an LZH compressed file. An integer underflow in lzhsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted header in a .lzh attachment that triggers the stack-based buffer overflow (SPR PRAD88MJ2W).
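An added C model of the header-length underflow described above; it is not the lzhsr.dll code nor Core Impact's exploit, and the level-0 LZH field layout, the 64-byte name buffer and the constructed headers are assumptions. It isolates the unchecked subtraction so the wrapped size can be observed without corrupting memory, and shows a parse that validates the header size against the fixed fields, the name-length byte and the bytes actually present before any copy is made.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Level-0 LZH header layout assumed here: hdr[0] header size (counting the
 * bytes after the size and checksum bytes), hdr[1] checksum, hdr[2..6] method,
 * hdr[7..10] packed size, hdr[11..14] original size, hdr[15..18] timestamp,
 * hdr[19] attribute, hdr[20] level, hdr[21] name length, hdr[22..] name,
 * then a 2-byte CRC. So the name occupies hdr[0] - 22 bytes. */
#define LZH_FIXED 22
#define NAME_BUF  64      /* assumed size of the fixed stack buffer for the name */

enum { PARSE_OK = 0, PARSE_BAD_HEADER = -1, PARSE_TRUNCATED = -2 };

/* Name length derived from the header size alone, with no lower-bound check.
 * header_len is attacker-controlled; any value below LZH_FIXED wraps to a
 * size_t near SIZE_MAX. This is the underflow, isolated so it can be observed. */
static size_t unsafe_name_len(uint8_t header_len)
{
    return (size_t)header_len - LZH_FIXED;
}

/* The vulnerable shape: copy the wrapped length into a fixed buffer.
 * Shown for contrast, deliberately never called. */
void parse_name_unsafe(const uint8_t *hdr, char name[NAME_BUF])
{
    size_t name_len = unsafe_name_len(hdr[0]);
    memcpy(name, hdr + LZH_FIXED, name_len);   /* writes far past name[] */
    name[name_len] = '\0';
}

/* Hardened parse: validate every length before it is used as a size.
 * avail is the number of bytes actually present in hdr. */
static int parse_name_checked(const uint8_t *hdr, size_t avail,
                              char *name, size_t namesz)
{
    if (avail < LZH_FIXED)
        return PARSE_TRUNCATED;
    size_t header_len = hdr[0];
    if (header_len < LZH_FIXED)
        return PARSE_BAD_HEADER;           /* would have underflowed */
    size_t name_len = header_len - LZH_FIXED;
    if (name_len != hdr[21])
        return PARSE_BAD_HEADER;           /* header size and length byte disagree */
    if (name_len >= namesz)
        return PARSE_BAD_HEADER;           /* does not fit the fixed buffer */
    if (2 + header_len > avail)
        return PARSE_TRUNCATED;            /* header claims more bytes than exist */
    memcpy(name, hdr + LZH_FIXED, name_len);
    name[name_len] = '\0';
    return PARSE_OK;
}

/* Build a constructed level-0 header for name into out; returns the number
 * of bytes written, or 0 if it does not fit. Checksum and CRC are left zero:
 * they play no part in the length logic. */
static size_t make_header(uint8_t *out, size_t outsz, const char *name)
{
    size_t n = strlen(name);
    size_t total = LZH_FIXED + n + 2;
    if (total > outsz || total - 2 > 255)
        return 0;
    memset(out, 0, total);
    out[0] = (uint8_t)(total - 2);
    memcpy(out + 2, "-lh5-", 5);
    out[21] = (uint8_t)n;
    memcpy(out + LZH_FIXED, name, n);
    return total;
}

int main(void)
{
    uint8_t hdr[300];
    char name[NAME_BUF];
    size_t len = make_header(hdr, sizeof hdr, "readme.txt");
    int rc = parse_name_checked(hdr, len, name, sizeof name);

    printf("good header: rc=%d name=%s\n", rc, name);
    hdr[0] = 5;                            /* crafted header size below the fixed fields */
    printf("crafted header: unchecked length would be %zu bytes, checked rc=%d\n",
           unsafe_name_len(hdr[0]), parse_name_checked(hdr, len, name, sizeof name));
    return 0;
}
```

The order of the checks matters: the lower bound on the header size comes before the subtraction, the computed length is cross-checked against the explicit length byte, and both the destination size and the bytes available are tested before memcpy(), so no attacker-controlled value ever reaches a copy unvalidated.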
The module sends an email with a malformed PNG file attached; when the mail is read with a vulnerable mail client, an agent is installed. The exploit code is specially crafted so that the user does not notice the exploitation. The number of agents installed depends on how many times the user reads the mail, since a new thread is created for each read.
KingView is prone to a stack-based buffer overflow when opening specially crafted KVL files (log files). This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
Kingsoft Writer is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data in a crafted .DOC document. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
Kingsoft Writer is prone to a buffer overflow when handling font names, triggered by a specially crafted WPS file containing an overly long font name. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.