libpng mail client exploit v1.11 Vulnerability exploited: CAN-2004-0597 - BID-10857 Category: Exploits/Client Side This module exploits a stack buffer overflow in libpng 1.2.5 and earlier to install a level0 agent. The module sends an email with a malformed png file attached, when the mail is read with a vulnerable mail client a level0 agent will be installed. The exploit code is specially crafted to avoid the user detecting the exploitation. The number of agents installed depends in how many times the user reads the mail, a new thread is created for each one. Supported Systems: Windows 2000 Professional - sp4 (i386) Mozilla Thunderbird 0.2 (20030901) Mozilla Thunderbird 0.3 (20031013) Mozilla Thunderbird 0.4 (20031205) Mozilla Thunderbird 0.5 (20040207) Mozilla Thunderbird 0.6 (20040502) Mozilla Thunderbird 0.7 (20040616) Mozilla Thunderbird 0.7.1 (20040626) Mozilla Thunderbird 0.7.2 (20040707) Mozilla 1.3 Mozilla 1.5 Mozilla 1.5a Mozilla 1.6 Mozilla 1.7 Mozilla 1.7.1 This module is included in the latest version of CORE IMPACT, the first automated comprehensive penetration testing product for accurately identifying information security risks. Click here to learn more about the product.