|
Bugtraq
mailing list archives
Re: WildTangent Web Driver Long FileName Stack Overflow
From: Cesar <cesarc56 () yahoo com>
Date: Fri, 28 May 2004 09:00:13 -0700 (PDT)
Hi.
Just to mention that i found this long time ago, this
overflows were mentioned as an example on my talk at
Black Hat Windows 2004 about ActiveX:
http://www.blackhat.com/presentations/win-usa-04/bh-win-04-cerrudo/bh-win-04-cerrudo.pdf
Here in the examples you can see the reference to it
on file WTHoster Class.html:
http://www.blackhat.com/presentations/win-usa-04/bh-win-04-cerrudo/bh-win-04-cerrudo-examples.zip
Cesar.
--- NGSSoftware Insight Security Research
<nisr () ngssoftware com> wrote:
NGSSoftware Insight Security Research Advisory
Name: WildTangent Web Driver Long FileName Stack
Overflow
Systems Affected: WildTangent Web Driver 4.0
(earlier versions not tested)
Severity: High
Vendor URL: http://www.wildtangent.com
Author: Peter Winter-Smith [ peter () ngssoftware com ]
Date Vendor Notified: 31th March 2004
Date of Public Advisory: 27th May 2004
Advisory number: #NISR27052004
Advisory URL:
http://www.ngssoftware.com/advisories/wildtangent.txt
Description
***********
WildTangent provide high quality interactive media
technology to the
Internet in the form of their WebDriver. This is
used by some of the
largest companies and corporations world-wide to
provide advanced media
content to over 80 million users of their Internet
plug-in.
Details
*******
It is possible to cause a number of buffer overruns
within the WildTangent
package, namely within the WTHoster and WebDriver
modules, via any method
__________________________________
Do you Yahoo!?
Friends. Fun. Try the all-new Yahoo! Messenger.
http://messenger.yahoo.com/
 By Date 
By Thread
Current thread:
| 
Intro
