CAL-20070730-1 BlueSkyCat ActiveX Remote Heap Overflow vulnerability
BACKGROUND:
===========
BlueSkychat is a professional voice and video chat software widely used
by large chat websites in china.
DESCRIPTION:
============
Code Audit Labs Code Audit for BlueSkyCat ActiveX Control and discovered
a vulnerability .
Remote exploitation of a buffer overflow in an ActiveX control
distributed
with Bluesky.cn could allow for the execution of arbitrary code.
When Blueskychat are installed, they register the following ActiveX
control on the system:
ProgId: V2.V2Ctrl.1
ClassId: 2EA6D939-4445-43F1-A12B-8CB3DDA8B855
File: v2.ocx
This control contains a buffer overflow in its ConnecttoServer() method.
This is a clent side vulnerability. So the clients of following chat
servers which install the affected BlueSkyCat software are affected.
bliao http://www.bliao.com
qqliao http://www.qqliao.com
7liao http://www.7liao.com
haoliao http://www.haoliao.net
51liao http://chat.51liao.net
heshang http://www.heshang.net
xicn http://vchat.xicn.net
CN104 http://www.cn104.com
liao-tian http://www.liao-tian.com
aliao http://www.aliao.net
kuailiao http://www.kuailiao.com
mtliao http://www.mtliao.com
pj0427 http://www.pj0427.com
uighur http://chat.uighur.cn
wmliao http://www.wmliao.com
see full report:
english
chinese
Subscribe to:
Post Comments (Atom)
1 comment:
thanks for sharing this site. there are various kinds of ebooks available from here
http://feboook.blogspot.com
Post a Comment