Bugtraq mailing list archives
Re: WildTangent Web Driver Long FileName Stack Overflow
From: Cesar <cesarc56 () yahoo com>
Date: Fri, 28 May 2004 09:00:13 -0700 (PDT)
Hi. Just to mention that i found this long time ago, this overflows were mentioned as an example on my talk at Black Hat Windows 2004 about ActiveX: http://www.blackhat.com/presentations/win-usa-04/bh-win-04-cerrudo/bh-win-04-cerrudo.pdf Here in the examples you can see the reference to it on file WTHoster Class.html: http://www.blackhat.com/presentations/win-usa-04/bh-win-04-cerrudo/bh-win-04-cerrudo-examples.zip Cesar. --- NGSSoftware Insight Security Research <nisr () ngssoftware com> wrote:
NGSSoftware Insight Security Research Advisory Name: WildTangent Web Driver Long FileName Stack Overflow Systems Affected: WildTangent Web Driver 4.0 (earlier versions not tested) Severity: High Vendor URL: http://www.wildtangent.com Author: Peter Winter-Smith [ peter () ngssoftware com ] Date Vendor Notified: 31th March 2004 Date of Public Advisory: 27th May 2004 Advisory number: #NISR27052004 Advisory URL:
http://www.ngssoftware.com/advisories/wildtangent.txt
Description *********** WildTangent provide high quality interactive media technology to the Internet in the form of their WebDriver. This is used by some of the largest companies and corporations world-wide to provide advanced media content to over 80 million users of their Internet plug-in. Details ******* It is possible to cause a number of buffer overruns within the WildTangent package, namely within the WTHoster and WebDriver modules, via any method
__________________________________ Do you Yahoo!? Friends. Fun. Try the all-new Yahoo! Messenger. http://messenger.yahoo.com/
Current thread:
- WildTangent Web Driver Long FileName Stack Overflow NGSSoftware Insight Security Research (May 27)
- Re: WildTangent Web Driver Long FileName Stack Overflow Cesar (May 28)