The vulnerability is caused due to a boundary error when handling .M3U files. This can be exploited to cause a stack-based buffer overflow via a specially crafted file of said extension.
This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
Microsoft Windows Shell does not properly sanitize special characters in a URI, allowing to open a dangerous files. This module runs a malicious web site on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.
Microsoft Windows Shell does not properly validate file paths, allowing the execution of ".SettingContent-ms" files from outside the "ImmersiveControlPanel" folder. This module runs a malicious web site on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.
This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
Fuji Electric V-Server is prone to a buffer-overflow vulnerability that occurs because it fails to perform adequate boundary checks on user-supplied data via a crafted .VPR document. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
The vulnerability is caused due to a boundary error when handling .WAV files. This can be exploited to cause a stack-based buffer overflow via a specially crafted file of said extension.
The vulnerability is caused due to a boundary error when handling .WMA/.MP3/.WAV files. This can be exploited to cause a stack-based buffer overflow via a specially crafted file of said extension.
The vulnerability is caused due to a boundary error when handling .PDF files. This can be exploited to cause a stack-based buffer overflow via a specially crafted file of said extension.
Delta Automation CNCSoft Screen Editor is prone to a buffer-overflow vulnerability that occurs because it fails to perform adequate boundary checks on user-supplied data via a crafted .DPB document. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.