Tencent QQ LaunchP2PShare Multiple Stack Buffer Overflow Vulnerabilities

Tencent QQ LaunchP2PShare Multiple Stack Buffer Overflow Vulnerabilities

Tencent QQ is prone to multiple stack-based buffer-overflow vulnerabilities because the application fails to perform adequate boundary checks on user-supplied data.

Successfully exploiting these issues allows remote attackers to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts likely result in denial-of-service conditions.

These issues affect Tencent QQ 2006 and prior versions.