Acoustica Beatcraft contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in Acoustica Beatcraft when handling .BCPROJ files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .BCPROJ file. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
This module exploits a vulnerability in ACDSee Products (ID_X.apl plugin). The vulnerability is caused due to boundary error in ID_X.apl within the processing of xpm files. This can be exploited to cause a stack-based buffer overflow when a specially crafted file is opened. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.
Multiple ACDSee products are prone to a buffer-overflow vulnerability because they fail to perform adequate boundary checks when processing a malformed TIFF image. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
ACDSee Photo Editor is prone to a buffer-overflow vulnerability that occurs because it fails to perform adequate boundary checks on user-supplied data via a crafted .XBM file. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
ACDSee FotoSlate is prone to a buffer-overflow vulnerability that occurs because it fails to perform adequate boundary checks on user-supplied data via a crafted .PLP file. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
ACDSee FotoSlate is prone to a vulnerability that may allow the execution of any library file named dwmapi.dll, if this dll is located in the same folder than a .PLP file. The attacker must entice a victim into opening a specially crafted .PLP file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.
ACDSee Canvas is prone to a vulnerability that may allow the execution of any library file named wintab32.dll, if this dll is located in the same folder than a .CVI file. The attacker must entice a victim into opening a specially crafted .CVI file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.
ABBS Audio Media Player contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in ABBS Audio Media Player when handling long .lst files. When a large playlist is processed a buffer overflow occurs and allows an attacker to gain control of the execution by overwriting a return address. This can be exploited via a specially crafted .lst file. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
The specific flaw exists within the PocketNetNVRMediaClientAxCtrl.NVRMediaViewer.1 control. The SaveCurrentImageEx method copies an attacker provided filename into a fixed size buffer. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
Subscribe to Windows