sinn3r d3e57ffc46 Add OSVDB-93754: Synactis PDF In-The-Box ConnectToSynactic Stack Buffer Overflow ...

This module exploits a vulnerability found in Synactis' PDF In-The-Box ActiveX
component, specifically PDF_IN_1.ocx.  When a long string of data is given
to the ConnectToSynactis function, which is meant to be used for the ldCmdLine
argument of a WinExec call, a strcpy routine can end up overwriting a TRegistry
class pointer saved on the stack, and results in arbitrary code execution under the
context of the user.

2013-06-06 20:05:08 -05:00

..

aix

msftidy: Remove $Revision$

2013-01-04 00:48:10 +01:00

apple_ios

msftidy: Remove $Revision$

2013-01-04 00:48:10 +01:00

bsdi/softcart

Merges and resolves CJR's normalize_uri fixes

2013-01-07 11:16:58 -06:00

dialup/multi/login

msftidy: Remove $Revision$

2013-01-04 00:48:10 +01:00

freebsd

Remove $Id tags

2013-05-20 16:21:03 -05:00

hpux/lpd

msftidy: Remove $Revision$

2013-01-04 00:48:10 +01:00

irix/lpd

msftidy: Remove $Revision$

2013-01-04 00:48:10 +01:00

linux

add osvdb ref 93881 and edb ref 21191

2013-06-05 18:57:33 -05:00

multi

Move exploit under the linux tree

2013-06-04 08:53:18 -05:00

netware

msftidy: Remove $Revision$

2013-01-04 00:48:10 +01:00

osx

Module rename

2013-03-04 10:54:33 -06:00

solaris

msftidy: Remove $Revision$

2013-01-04 00:48:10 +01:00

unix

changed to array in array

2013-05-16 19:03:47 +02:00

windows

Add OSVDB-93754: Synactis PDF In-The-Box ConnectToSynactic Stack Buffer Overflow

2013-06-06 20:05:08 -05:00