• Home
  • About
  • Articles
  • News
  • Projects
  • Contact
  • RSS

I discovered a buffer overflow in Persist Software XUpload package while researching ActiveX exploitation.

XUpload is prone to a buffer overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.

An exploit is in the wild. See the SecurityFocus advisory for more details.

Posted on Tuesday, February 26th, 2008

  • Latest Blog Entries:

  • OWASP Talk: PHP Code Analysis: Real World Examples
  • Persists Software XUpload Buffer Overflow
  • Livelink UTF-7 XSS Vulnerability
  • Textlinkads SQL Injection Vulnerability released
  • Full Disclosure Saga Continues