The vulnerability is caused due to a boundary error in theNCTAudioFile2.AudioFile ActiveX control when handling the"SetFormatLikeSample()" method. This can be exploited to cause a stack-based buffer overflow by passing an overly long string (about 4124 bytes) as argument to the affected method.
79 Exes's / IE NCTAudioFile2.AudioFile ActiveX Remote Stack Overfl0w [PoC]
Auther: InTeL
Original Advisory: http://secunia.com/secunia_research/
Attack Vector: EIP smash
Type: Remote (Malicious webpage)
Mail: intel@stole.in
http://www.milw0rm.com/exploits/3728
No comments:
Post a Comment