Friday, January 26, 2007

NCTsoft Products NCTAudioFile2 ActiveX Control Buffer Overflow

Secunia Research has discovered a vulnerability in NCTAudioStudio, NCTAudioEditor, and NCTDialogicVoice, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error in the NCTAudioFile2.

AudioFile ActiveX control (NCTAudioFile2.dll) when handling the "SetFormatLikeSample()" method. This can be exploited to cause a stack-based buffer overflow by passing an overly long string (about 4124 bytes) as argument to the affected method.

Successful exploitation allows execution of arbitrary code.

--------------------------------------------

As it turns out, this ActiveX Control is used in over 70 applications...therefore this vulnerability just became a lot more serious. Welcome to the world of ActiveX, thank you...drive thru.

Major Pwnage.

No comments:

Post a Comment