[35057] in bugtraq
Re: WildTangent Web Driver Long FileName Stack Overflow
daemon@ATHENA.MIT.EDU (Cesar)
Fri May 28 16:39:23 2004
Message-ID: <20040528160013.75668.qmail@web40007.mail.yahoo.com>
Date: Fri, 28 May 2004 09:00:13 -0700 (PDT)
From: Cesar <cesarc56@yahoo.com>
To: NGSSoftware Insight Security Research <nisr@ngssoftware.com>,
vulnwatch@vulnwatch.org, bugtraq@securityfocus.com
In-Reply-To: <20040527120105.90E4315F59D@mail.ngssoftware.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Hi.
Just to mention that i found this long time ago, this
overflows were mentioned as an example on my talk at
Black Hat Windows 2004 about ActiveX:
http://www.blackhat.com/presentations/win-usa-04/bh-win-04-cerrudo/bh-win-04-cerrudo.pdf
Here in the examples you can see the reference to it
on file WTHoster Class.html:
http://www.blackhat.com/presentations/win-usa-04/bh-win-04-cerrudo/bh-win-04-cerrudo-examples.zip
Cesar.
--- NGSSoftware Insight Security Research
<nisr@ngssoftware.com> wrote:
> NGSSoftware Insight Security Research Advisory
>
> Name: WildTangent Web Driver Long FileName Stack
> Overflow
> Systems Affected: WildTangent Web Driver 4.0
> (earlier versions not tested)
> Severity: High
> Vendor URL: http://www.wildtangent.com
> Author: Peter Winter-Smith [ peter@ngssoftware.com ]
> Date Vendor Notified: 31th March 2004
> Date of Public Advisory: 27th May 2004
> Advisory number: #NISR27052004
> Advisory URL:
>
http://www.ngssoftware.com/advisories/wildtangent.txt
>
>
> Description
> ***********
>
> WildTangent provide high quality interactive media
> technology to the
> Internet in the form of their WebDriver. This is
> used by some of the
> largest companies and corporations world-wide to
> provide advanced media
> content to over 80 million users of their Internet
> plug-in.
>
>
> Details
> *******
>
> It is possible to cause a number of buffer overruns
> within the WildTangent
> package, namely within the WTHoster and WebDriver
> modules, via any method
__________________________________
Do you Yahoo!?
Friends. Fun. Try the all-new Yahoo! Messenger.
http://messenger.yahoo.com/
