The FileView ActiveX control (WZFILEVIEW.FileViewCtrl.61) could allow a remote attacker to execute arbitrary code on the system. The control contains several unsafe methods and is marked safe for scripting and safe for initialization. A remote attacker could exploit this vulnerability to execute arbitrary code on the victim system. WinZip 10.0 <= Build 6667 are vulnerable.
This module exploits a buffer overflow in Adobe Reader and Adobe Acrobat. Affected versions include < 7.1.1, < 8.1.3, and < 9.1. By creating a specially crafted pdf that a contains malformed Collab.getIcon() call, an attacker may be able to execute arbitrary code.
This module allows remote attackers to place arbitrary files on a users file system via the Microsoft Office Snapshot Viewer ActiveX Control.
This module exploits a stack-based buffer overflow in WebEx's WebexUCFObject ActiveX Control. If an long string is passed to the 'NewObject' method, a stack-based buffer overflow will occur when copying attacker-supplied data using the sprintf function. It is noteworthy that this vulnerability was discovered and reported by multiple independent researchers. To quote iDefense's advisory, 'Before this issue was publicly reported, at least three independent security researchers had knowledge of this issue; thus, it is reasonable to believe that even more people were aware of this issue before disclosure.' NOTE: Due to input restrictions, this exploit uses a heap-spray to get the payload into memory unmodified.
This module exploits a stack buffer overflow in the NCTAudioFile2.Audio ActiveX Control provided by various audio applications. By sending a overly long string to the SetFormatLikeSample() method, an attacker may be able to execute arbitrary code.
This module allows attackers to execute code via an unsafe methods in Macrovision InstallShield 2008.
This module exploits a stack buffer overflow in E-BOOK Systems FlipViewer 4.0. The vulnerability is caused due to a boundary error in the FViewerLoading (FlipViewerX.dll) ActiveX control when handling the 'LoadOpf()' method.
This module allows remote attackers to install and execute arbitrary files on a user's file system via AeXNSPkgDLLib.dll (6.0.0.1418). This module was tested against Symantec Altiris Deployment Solution 6.9 sp3.
This is a remote exploit for eSignal v7.6 software. The exploit allows an attacker to execute arbitrary code on a remote system. The exploit uses a buffer overflow vulnerability in the software to overwrite the return address and redirect the execution flow to the attacker's shellcode. The shellcode downloads and executes a file from a specified URL. The exploit requires the IP address and port of the target system as arguments.
This module exploits a memory corruption flaw in Internet Explorer. This flaw was found in the wild and was a key component of the 'Operation Aurora' attacks that lead to the compromise of a number of high profile companies. The exploit code is a direct port of the public sample published to the Wepawet malware analysis site. The technique used by this module is currently identical to the public sample, as such, only Internet Explorer 6 can be reliably exploited.
Services By CQR