CAL-20070730-1 BlueSkyCat ActiveX Remote Heap Overflow vulnerability

CAL-20070730-1 BlueSkyCat ActiveX Remote Heap Overflow vulnerability


BlueSkychat is a professional voice and video chat software widely used
by large chat websites in china.


Code Audit Labs Code Audit for BlueSkyCat ActiveX Control and discovered
a vulnerability .

Remote exploitation of a buffer overflow in an ActiveX control
with Bluesky.cn could allow for the execution of arbitrary code.

When Blueskychat are installed, they register the following ActiveX
control on the system:

ProgId: V2.V2Ctrl.1
ClassId: 2EA6D939-4445-43F1-A12B-8CB3DDA8B855
File: v2.ocx

This control contains a buffer overflow in its ConnecttoServer() method.

This is a clent side vulnerability. So the clients of following chat
servers which install the affected BlueSkyCat software are affected.
bliao http://www.bliao.com
qqliao http://www.qqliao.com
7liao http://www.7liao.com
haoliao http://www.haoliao.net
51liao http://chat.51liao.net
heshang http://www.heshang.net
xicn http://vchat.xicn.net
CN104 http://www.cn104.com
liao-tian http://www.liao-tian.com
aliao http://www.aliao.net
kuailiao http://www.kuailiao.com
mtliao http://www.mtliao.com
pj0427 http://www.pj0427.com
uighur http://chat.uighur.cn
wmliao http://www.wmliao.com

see full report:




[0day wild]symantec anti-virus Local Privilege Escalation Vulnerability

A team named whitecell (http://www.whitecell.org/list.php?id=49 ) discover a new symantec anti-virus Local Privilege Escalation Vulnerability. The vendor is not noticed.

Exploitation allows an attacker to execute arbitrary code within the context of the kernel.
And exploit has high rate of succeed.

Code Audit Labs has confirmed the existence of the vulnerability within last update Symantec AntiVirus