Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

IndiaTimes Instant Messenger ActiveX RenameGroup Function Overflow

Medium

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

The remote host is running IndiaTimes Instant Messaging client. IndiaTimes allows users to consolidate ICQ, Yahoo, AIM and MSN messengers into a single GUI console. This version of IndiaTimes is vulnerable to a remote buffer overflow. An attacker exploiting this flaw would need to be able to convince a user to browse to a malicious website and execute a malicious ActiveX control. Successful exploitation would lead to the attacker executing arbitrary code on the remote system.

Solution

No solution is known at this time.