vendor:
Bigant Messenger
by:
Steven Seeley - mr_me( AT )corelan.be
7.5
CVSS
HIGH
Heap Overflow
Unknown
CWE
Product Name: Bigant Messenger
Affected Version From: <= v2.52
Affected Version To: <= v2.52
Patch Exists: YES
Related CWE: Unknown
CPE: Unknown
Platforms Tested: Windows XP SP3 (IE 6 & 7)
Unknown
Bigant Messenger <= v2.52 - (AntCore.dll) RegisterCom() Remote 0day Heap Overflow Exploit
This exploit targets a heap overflow vulnerability in the RegisterCom() function of the AntCore.dll library in Bigant Messenger version 2.52 and earlier. The vulnerability allows an attacker to remotely execute arbitrary code on a vulnerable system. The exploit takes advantage of this vulnerability to create a custom HTTP response that triggers the overflow and executes the attacker's code. This exploit has been tested on Windows XP SP3 with Internet Explorer 6 and 7.
Mitigation:
The vendor has released a patch for this vulnerability. Users are advised to update to Bigant Messenger version 2.55 SP8 or later to mitigate this issue.
