Hi. Just to mention that i found this long time ago, this overflows were mentioned as an example on my talk at Black Hat Windows 2004 about ActiveX: http://www.blackhat.com/presentations/win-usa-04/bh-win-04-cerrudo/bh-win-04-cerrudo.pdf Here in the examples you can see the reference to it on file WTHoster Class.html: http://www.blackhat.com/presentations/win-usa-04/bh-win-04-cerrudo/bh-win-04-cerrudo-examples.zip Cesar. --- NGSSoftware Insight Security Research <nisr@xxxxxxxxxxxxxxx> wrote: > NGSSoftware Insight Security Research Advisory > > Name: WildTangent Web Driver Long FileName Stack > Overflow > Systems Affected: WildTangent Web Driver 4.0 > (earlier versions not tested) > Severity: High > Vendor URL: http://www.wildtangent.com > Author: Peter Winter-Smith [ peter@xxxxxxxxxxxxxxx ] > Date Vendor Notified: 31th March 2004 > Date of Public Advisory: 27th May 2004 > Advisory number: #NISR27052004 > Advisory URL: > http://www.ngssoftware.com/advisories/wildtangent.txt > > > Description > *********** > > WildTangent provide high quality interactive media > technology to the > Internet in the form of their WebDriver. This is > used by some of the > largest companies and corporations world-wide to > provide advanced media > content to over 80 million users of their Internet > plug-in. > > > Details > ******* > > It is possible to cause a number of buffer overruns > within the WildTangent > package, namely within the WTHoster and WebDriver > modules, via any method __________________________________ Do you Yahoo!? Friends. Fun. Try the all-new Yahoo! Messenger. http://messenger.yahoo.com/
