IZArc is prone to a vulnerability that may allow the execution of any library file named wintab32.dll, if this dll is located in the same folder than a .ARJ file. The attacker must entice a victim into opening a specially crafted .ARJ file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.
This module exploits a vulnerability in ispVM system. The vulnerability is caused due to boundary error in the processing of xcf files. This can be exploited to cause a stack-based buffer overflow when a specially crafted file is opened. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.
A stack-based buffer overflow in IrfanView (MrSID plug-in MrSID.dll) allows an attacker to execute arbitrary code via an specially crafted a .SID file. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
This module exploits a vulnerability in Apple IrfanView which is caused due to a boundary error in the processing of jp2 files. This can be exploited to cause a stack-based buffer overflow when a specially crafted file is opened. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.
This module exploits a buffer overflow on IrfanView Formats plugin when parsing a specially crafted .XCF file.
This module exploits a vulnerability in IrfanView FlashPix plugin (.fpx files). The vulnerability is caused due to boundary error in fpx.dll within the processing of fpx files. This can be exploited to cause a heap-based buffer overflow when a specially crafted file is opened. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.
This module exploits a buffer overflow on IrfanView Formats plugin when parsing a specially crafted .TTF file.
The vulnerability is caused due to a boundary error within the Formats plug-in (Formats.dll) when handling IFF files. This can be exploited to cause a stack-based buffer overflow via a specially crafted IFF file. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
IRAI AUTOMGEN SCADA is prone to a vulnerability that may allow execution of mfc71enu if this dll is located in the same folder than .AGN file. The attacker must entice a victim into opening a specially crafted .AGN file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.
This module exploits a vulnerability caused due to boundary errors in IntelliTamper within the processing of HTML files when the program scans a site. IntelliTamper fails to check in the image tag on supplied data, allowing an attacker to cause a stack overflow in order to execute arbitrary code.