eSignal and eSignal Pro File Parsing Buffer Overflow in QUO

Rocco Calvi

September 6, 2011

CVE: CVE-2011-3494
Affected Vendor: eSignal
Affected Product: eSignal
Exploit Type: Metasploit Module
Metasploit Module: exploit/windows/fileformat/esignal_styletemplate_bof

Description

eSignal and eSignal Pro versions 10.6.2425.1208 and earlier are unable to safely handle QUO, SUM and POR files. The vulnerability allows arbitrary code execution through a specially crafted file. Exploitation uses an egghunter technique and may take several seconds.

References

Rapid7 Module