PcVue 10.0 SV.UIGrdCtrl.1 'LoadObject()/SaveObject()' Trusted DWORD Vulnerability

Rocco Calvi

October 5, 2011

CVE: CVE-2011-4044
Affected Vendor: ARC Informatique
Affected Product: PcVue 10.0
Exploit Type: Metasploit Module
Metasploit Module: exploit/windows/browser/pcvue_func

Description

This module exploits a function pointer control within SVUIGrd.ocx of PcVue 10.0. By setting a DWORD value for the SaveObject() or LoadObject() methods, an attacker can overwrite a function pointer and execute arbitrary code.

References

Rapid7 Module