Full title: IcoFX 2.1 (.ico) - Stack Buffer Overflow 
Category: local exploits
Platform: windows
This Metasploit module exploits a stack-based buffer overflow vulnerability in version 2.1 of IcoFX. The vulnerability exists while parsing .ICO files, where an specially crafted ICONDIR header, providing an arbitrary long number of images into the file, can be used to trigger the overflow when reading the ICONDIRENTRY structures.

# 0day.today @ http://0day.today/