• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

IP Messenger For Win Filename Buffer Overflow Vulnerability

IP Messenger For Win has been reported prone to Buffer overflow Vulnerability.

Reportedly the issue presents itself due to a lack of sufficient bounds checking performed on the filename of a file supplied through IP Messenger.
Reportedly an attacker may present a malicious file to the victim through IP Messenger. The filename will be of sufficient length to trigger the condition.

Ultimately an attacker may exploit this vulnerability to execute arbitrary operation codes. Code execution would occur in the context of the user running the vulnerable IP Messenger application.