The vulnerability is caused due to a boundary error when handling .M3U files. This can be exploited to cause a stack-based buffer overflow via a specially crafted file of said extension.

This module exploits an uninitialised stack variable vulnerability in "nxfs.sys" by calling to DeviceIoControl function using IOCTL 0x00222014 and 0x00222030 with crafted parameters.

This exploit executes code at a user-defined (local) path as SYSTEM, when the execute_installer parameter is used in an HTTP message. This occurs without properly authenticating the user

This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting an invalid pointer reference in Internet Explorer.

This module exploits a double free when parsing a specially crafted .PDF file.

This module exploits a buffer overflow when parsing a specially crafted .ZIP file.

The specific flaw exists within the implementation of the 0x13C80 IOCTL in the BwOpcTool subsystem in VdBroadWinGetLocalDataLogEx. When parsing the NamedObject structure, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length buffer.

This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.

The specific flaw exists within the processing of FLN files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to execute code under the context of the current process.

Delta Industrial Automation COMMGR is prone to a buffer-overflow vulnerability when handling a crafted packet.