The CrazyTalk4Native.dll bundled with Dell Webcam Central is prone to a buffer overflow which is exploited by this module. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. Note that the affected ActiveX component may be present on other DELL products. This module runs a web server waiting for vulnerable clients (Internet Explorer 6 or 7) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
The vulnerability is caused due to boundary errors in dBpowerAMP within the processing of M3U files. dBpowerAMP fails to check the length of the string in M3U playlist archives, allowing an attacker to cause a stack overflow in order to execute arbitrary code.
Daemon Tools Lite is prone to a vulnerability that may allow execution of MFC80LOC.DLL if this dll is located in the same folder than .MDS file. The attacker must entice a victim into opening a specially crafted .MDS file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.
This module exploits a vulnerability in Cytel StatXact. The vulnerability is caused due to boundary error within the processing of .CY3 project files. This can be exploited to cause a stack-based buffer overflow when a specially crafted .CY3 file is opened. This module runs a malicious website on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the website.
This module exploits a vulnerability in Cytel LogXact. The vulnerability is caused due to boundary error within the processing of .CY3 project files. This can be exploited to cause a stack-based buffer overflow when a specially crafted .CY3 file is opened. This module runs a malicious website on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the website.
This module exploits a vulnerability in the ChartFX.ClientServer.Core.dll module included in the CYME ChartFX application. The exploit is triggered when the ShowPropertiesDialog() method processes a crafted argument resulting in a memory corruption. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. This module runs a web server waiting for vulnerable clients (Internet Explorer 6 and 7) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
CyberLink Power Director is prone to a vulnerability that may allow the execution of any library file named dwmapi.dll, if this dll is located in the same folder than a .PDL file. The attacker must entice a victim into opening a specially crafted .PDL file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.
CyberLink Power2Go is prone to a vulnerability that may allow the execution of any library file named dwmapi.dll, if this dll is located in the same folder than a .P2G file. The attacker must entice a victim into opening a specially crafted .P2G file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.
Subscribe to Windows