Autodesk IDrop ActiveX Control Heap Memory Corruption

No description provided by source. $Id: autodeskidrop.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of us...

Autodesk IDrop ActiveX Control Heap Corruption

The IDrop ActiveX control, a utility from Autodesk that provides the ability to drag and drop web content into a drawing session, is installed on the remote Windows host. Manipulation of the control's 'Src', 'Background', and 'PackageXml' properties reportedly can be abused to trigger a...

Autodesk IDrop ActiveX控件多个堆溢出漏洞

BUGTRAQ ID: 34352 I-drop功能是Autodesk公司产品中所提供的技术，允许用户从Internet上将纹理、灯光、模型等对象直接拖到设计环境中。 为了实现I-drop技术，用户需要安装i-drop indicator程序。该程序所提供的Autodesk IDrop ActiveX控件（IDrop.ocx）没有正确地验证用户对Src、Background和PackageXml属性所传送的参数。如果用户受骗访问了恶意网页并向上述属性传送了超长参数，就可以触发堆溢出，导致执行任意代码。 Autodesk IDrop ActiveX 17.1.51.160 临时解决方法：...

Autodesk IDrop ActiveX Control Heap Corruption Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Who: Autodesk http://www.autodesk.com What: Autodesk IDrop ActiveX Control http://usa.autodesk.com/adsk/servlet/index?siteID=123112&id=2753219& linkID=9240618 IDrop.ocx version 17.1.51.160 21E0CB95-1198-4945-A3D2-4BF804295F78 How: The Src, Background,...