BulletProof FTP Client contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in BulletProof FTP Client when handling .BPS files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .BPS file. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
BS Player contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error when handling crafted .BSL files. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
The vulnerability is caused due to a boundary error within the parsing of .SFS files, this can be exploited to cause a stack-based buffer overflow via a .SFS file with an overly long file string. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
The specific flaw exists within the Borland Silk Central TeeChart ActiveX control. The control suffers from an untrusted pointer dereference vulnerability because it blindly calls an attacker-supplied memory address. An attacker can exploit this condition to achieve code execution under the context of the browser process. This module runs a web server waiting for vulnerable clients (Internet Explorer 6, 7, 8 or 9) to connect to it.
The vulnerability is caused due to a boundary error in BlazeHDTV when handling Playlist files. This can be exploited to cause a stack-based buffer overflow via a specially crafted PLF file. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
The vulnerability is caused due to a boundary error in BlazeDVD when handling Playlist files. This can be exploited to cause a stack-based buffer overflow via a specially crafted PLF file. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
The vulnerability is caused due to a boundary error in the processing of .TORRENT files. This can be exploited to cause a stack-based buffer overflow by tricking the user into opening a .TORRENT file containing an overly long Created By field. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
Bentley Microstation is prone to a vulnerability that may allow the execution of any library file named wintab32.dll, if this dll is located in the same folder than a .HLN file. The attacker must entice a victim into opening a specially crafted .HLN file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.
This module exploits a vulnerability in the BarcodeWiz.dll module included in the Barcodewiz application. The exploit is triggered when the LoadProperties() method processes a malformed argument resulting in a memory corruption. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. This module runs a web server waiting for vulnerable clients (Internet Explorer 6 or 7) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
Subscribe to Windows