«
Expand/Collapse
987 items tagged "overflow"
Related tags:
tftp [+],
overflow error [+],
downloader [+],
stack [+],
wireshark [+],
server [+],
remote buffer overflow [+],
integer overflow vulnerability [+],
buffer overflow [+],
ultraplayer [+],
torcs [+],
studio [+],
pls file [+],
packet buffer [+],
oracle [+],
opera [+],
openoffice [+],
mmplayer [+],
dj studio [+],
apple mac os [+],
tivoli [+],
player [+],
overflow vulnerability [+],
ibm [+],
fotoslate [+],
codesys [+],
black hat [+],
apple mac os x [+],
acdsee [+],
xradio [+],
usa [+],
remote buffer overflow vulnerability [+],
g wan [+],
flashfxp [+],
file [+],
bugtraq [+],
buffer overflow vulnerabilities [+],
95b [+],
buffer overflow vulnerability [+],
based buffer overflow [+],
xdb [+],
xchat [+],
x cve [+],
winamp [+],
vulnerability exploitation [+],
vlc media player [+],
vlc [+],
uri [+],
unsuspecting victim [+],
unrealircd [+],
u ftp [+],
traversal [+],
tivoli provisioning manager express [+],
tivoli provisioning manager [+],
tiff images [+],
tiff image [+],
tiff [+],
tftp service [+],
tcp ip [+],
string element [+],
streamdown [+],
stream [+],
strategic [+],
sterling trader [+],
sprintf function [+],
sopcast [+],
skincrafter [+],
sim editor [+],
serv u ftp [+],
scriptftp [+],
samsung [+],
s codesys [+],
rrq [+],
rm mp [+],
response packet [+],
resedit [+],
request packet [+],
remote controllers [+],
remote buffer overflow exploit [+],
read request [+],
processing network [+],
ppl [+],
power [+],
port 4444 [+],
plotlinecentral [+],
php [+],
patch [+],
org [+],
oracle hyperion [+],
oracle 10g [+],
opera version [+],
openview [+],
opentftp [+],
ole [+],
null pointers [+],
null [+],
network requests [+],
network node manager [+],
mms [+],
manager express [+],
m3u playlist [+],
local buffer overflow [+],
libzip [+],
knftp [+],
keyview [+],
irfanview [+],
information leak [+],
import command [+],
imagemagick [+],
hyperion [+],
htmlspecialchars [+],
htaccess file [+],
hp power [+],
highcms [+],
gsm sim [+],
gsm [+],
exception handler [+],
evasion [+],
documentsummaryinformation [+],
directory traversal [+],
directory [+],
cyberlink [+],
csp [+],
csound [+],
code execution [+],
ccmplayer [+],
bs player [+],
brute [+],
beyondchm [+],
avi processing [+],
avi [+],
autonomy [+],
attacker [+],
arbitrary code [+],
apache [+],
active x control [+],
absoluteftp [+],
stack buffer [+],
vmstat [+],
tzfile [+],
tiny [+],
stream recorder [+],
shadow [+],
seh [+],
ripper [+],
richard johnson tags [+],
richard johnson [+],
presto [+],
plp [+],
peter silberman [+],
pe explorer [+],
pagemanager [+],
office excel [+],
office [+],
mp3 cd ripper [+],
microsoft office [+],
microsoft [+],
isig [+],
iptools [+],
greg hoglund [+],
glibc [+],
free mp3 cd [+],
free [+],
files [+],
explorer 1 [+],
explorer [+],
exploitation [+],
excel [+],
castripper [+],
argument [+],
advanced [+],
denial of service [+],
xen [+],
x86 [+],
x mdnsresponder [+],
x flic [+],
x flashpix [+],
worldmail [+],
tor unspecified [+],
tor socks connection [+],
taglib [+],
subtitle [+],
smashing [+],
skinny channel [+],
remote [+],
quot [+],
powershell [+],
paper [+],
orbit downloader [+],
orbit [+],
multiple buffer overflow [+],
multiple [+],
mitkrb [+],
midioutplaynextpolyevent [+],
manager [+],
magentservice [+],
loop [+],
license server [+],
libpng [+],
information disclosure [+],
incorrect [+],
imapd [+],
freeamp [+],
flash [+],
exploit [+],
exe [+],
driver ast [+],
divide by zero [+],
denial [+],
cve [+],
coreaudio [+],
control [+],
comparison [+],
cogent [+],
cisco webex [+],
cisco security advisory [+],
cisco security [+],
bsnes [+],
bsd [+],
asia [+],
architecture [+],
apple itunes [+],
advisory [+],
adobe flash player [+],
adobe [+],
activex control [+],
integer overflow [+],
exploits [+],
arbitrary code execution [+],
proof of concept [+],
heap [+],
m3u file [+],
buffer overflow exploit [+],
buffer [+],
stack overflow [+],
vulnerability [+],
integer [+],
zsl,
ziproxy,
zipitfast,
zipgenius,
zip file,
zdi,
xterm,
xrfc,
xpl,
xnview,
xls,
x uri stack,
x server,
x series,
x quicktime,
x quicklook,
x player,
x jpeg encoded,
x imageio,
x icu,
x coregraphics,
x corefoundation,
x coreaudio,
x control,
x common,
x colorsync,
x buffer,
wxgtk,
wvxworks,
wrf files,
wrf,
workspace,
wordtrainer,
wmp,
wma mp3 converter,
wizard version,
winplot,
winmerge,
wingate version,
wingate,
windows media player,
windows,
winamp versions,
webappmon,
web server version,
wav to mp3 converter,
wav file,
wav,
vuplayer,
vulnerability research,
vmware products,
vmware,
vista,
visio,
viewer,
videospirit,
video,
version 6,
version,
vendor,
vcf,
vcard file,
vbsedit,
vbs files,
validation checks,
uusee,
usr,
user,
url,
update,
unrar,
unicode,
ultraiso,
ubuntu,
ubisoft,
u file,
txt,
tugzip,
transport mode,
transport,
tooltalk,
tomas hoger,
time zone name,
tiff integer,
tiff heap,
thunderbird,
tgz,
tftpgui,
tetex,
telesyn,
system versions,
symantec security,
symantec products,
symantec,
sybase,
swingette,
swftools,
swapfile,
support c,
sunjavawebserver,
sun java jdk,
stud,
sterling,
stack overflows,
ssl vpn,
srx,
sreplace,
sprintf,
splayer,
sonique,
sonicwall,
somplplayer,
solaris,
simplyplay,
simple,
sim utility,
shop,
shellcode,
shell session,
shell,
sfcb,
server versions,
server version,
server rpc,
server password,
seil,
seh dep,
security vulnerabilities,
security advisory,
security,
secure,
script file,
scada,
sblim,
sap,
safer use,
safari,
s system,
rxssetdatagrowthscheduleandfilter,
rtl,
rspmp,
rosoft,
rop,
rm to mp3 converter,
rm to mp3,
ringtone maker,
ringtone,
request,
realplayer,
realnetworks inc,
realnetworks,
reads,
reader v3,
reader,
rc3,
radasm,
quicktime pict,
quickplayer,
quickeasy,
qcp,
qbik,
proxy service,
proxy,
provj,
proper bounds,
proftpd,
professional version,
professional,
processing,
pro versions,
prevention mechanism,
powerpoint,
pop peeper,
pop,
poison ivy 2,
poison,
poc,
png images,
plotwn,
player v3,
php version,
photo,
peeper,
pdf,
pcvue,
pcre,
path environment,
path,
pass,
pango,
paint shop,
paint,
pad,
ovwebhelp,
overwrite,
overflow errors,
overflow bug,
ovalarm,
otsturntables,
orbital viewer,
orbital,
orb,
opie,
open music,
opc client,
opc,
online,
ollydbg,
olf,
offset,
numberformatter,
null pointer dereference,
nsv,
nsoadv,
nse,
novell,
notes,
notepad,
norex,
nnmrptconfig,
nnm,
nmap,
ngs,
newt,
netsupport,
netbsd,
netb,
neroburningrom,
nero burning rom,
ncss,
nator,
n easy,
mymp,
music,
mtm,
msf,
msdef,
mplayer,
mpg file,
mpeg layer 3,
mpeg,
mpc,
mp4 converter,
mp3 player,
mp3 file,
mp3 cd converter,
mp3,
mozilla,
movieplay,
motorola sb5101,
motorola,
module,
mod,
mkd,
mjm,
miroslav lichvar,
ministreamripper,
minishare,
mini stream ripper,
mini stream,
microsoft windows server,
microsoft windows defender,
microsoft windows,
microsoft reader,
microsoft mpeg,
mic,
metasploit,
metaserver rt,
metaserver,
meta,
messenger,
memory technique,
memory corruption,
memory allocations,
memory,
mediamonkey,
mediacoder,
media player classic,
media,
mbm,
martin barbella,
mark dowd,
mapserver,
mandriva linux,
manager agent,
maker,
mac os x server,
mac os x,
mac os,
m3u,
m stack,
luigi auriemma,
lst file,
lotus,
long,
local,
load c,
live,
lite,
liquidxml,
linux,
linebox,
libtiff,
libsndfile,
libmodplug,
lgserver,
legitimate users,
leadtools,
layer,
language,
kpl,
kpdf,
kolibri,
knftpd,
kmplayer,
kingview,
kernel stack,
kernel,
juniper srx,
jpeg encoded,
jpeg,
jetaudio,
jdkjreunpack,
java web server,
j integra,
ivy,
ios,
ionix,
internet security,
intellitamper,
integraxor,
integra 2,
instantiate,
install,
incredimail,
imesh,
image buffer,
idefense security advisory,
idefense,
idealadmin,
iconics,
ica,
i.d. manager,
httpupload,
http header,
html,
hp photo,
hp openview,
hmi,
hero dvd,
hero,
heap corruption,
hack,
gsmsim,
gomplayer,
golden,
gnu,
glsa,
ghost recon,
ghost,
gentoo linux security,
genstat,
genocide,
gd library,
gd extension,
ftpgetter,
ftp service,
ftp server,
ftp commands,
ftp,
freewmamp,
freemp,
freecdmp,
free wma mp3 converter,
free cd to mp3 converter,
frame size,
foxit,
format string,
foobar,
flvplayer,
flac,
fish irssi,
fish,
firefox,
filesharingwizard,
file corruption,
fieldnotes,
ffmpeg,
fcd,
fathftp,
factorylink,
expoits,
execution options,
execution,
eviews,
esignal,
enzip,
emc,
electronic flash,
editor,
edisi,
econet,
ecava,
easyftp,
easy,
e class,
dxf file,
dvd x player,
dvd,
dos vulnerability,
dos,
domino web,
dominic chell,
dll,
dizzy,
discovery,
digital music,
digital,
dicom images,
destiny player,
destiny media player,
destiny,
defender,
dbpowerampap,
day,
david litchfield,
datahub,
database server,
database,
data frame,
data architect,
daqfactory,
dalili,
daemon,
cutezip,
cue file,
cue,
css selectors,
critical vulnerability,
crash proof,
crash,
corruption,
corel,
coolplayer,
cookie value,
convertor,
converter,
control versions,
compilation,
command execution,
colorsync profile,
codeblocks,
code microsoft,
code,
cliprex,
clickunzip,
classic,
citrix ica,
citrix,
chunk data,
chunk,
chris evans,
chm files,
chat server,
chasysmp,
cd to mp3 converter,
c versions,
c stack,
c buffer,
bywifi,
build,
buffer overflow tutorial,
buffer overflow exploits,
buffer overflow condition,
browser engine,
bitdefender,
bisonftp server,
bisonftp,
bindshell,
beta local,
beta,
ben hawkes,
barbella,
avtech software,
avs,
avi file,
avcon,
autostart,
autoplay,
automatic,
auriemma,
audiotran,
audio player,
audio convertor,
audio converter,
audio,
atp,
atomixmp3,
atomixmp,
asxmp,
asx to mp3 converter,
asx file,
array,
arabic,
application crash,
apple webkit,
apple safari,
apple quicktime,
apple ios,
ape file,
ape,
apdfwavmp,
aol,
aoa,
alzip,
alplayer,
allied telesyn,
allied,
alexander sotirov,
aika,
agentx,
advantage,
address,
activex,
activeperl,
active x,
active,
abbs,
aac,
a pdf
-
-
19:44
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability in OpenOffice 2.3.1 and 2.3.0 on Microsoft Windows XP SP3. By supplying a OLE file with a malformed DocumentSummaryInformation stream, an attacker can gain control of the execution flow, which results arbitrary code execution under the context of the user.
-
19:44
»
Packet Storm Security Recent Files
This Metasploit module exploits a vulnerability in OpenOffice 2.3.1 and 2.3.0 on Microsoft Windows XP SP3. By supplying a OLE file with a malformed DocumentSummaryInformation stream, an attacker can gain control of the execution flow, which results arbitrary code execution under the context of the user.
-
19:44
»
Packet Storm Security Misc. Files
This Metasploit module exploits a vulnerability in OpenOffice 2.3.1 and 2.3.0 on Microsoft Windows XP SP3. By supplying a OLE file with a malformed DocumentSummaryInformation stream, an attacker can gain control of the execution flow, which results arbitrary code execution under the context of the user.
-
-
16:27
»
Packet Storm Security Advisories
A vulnerability is caused due to an integer overflow error in the vclmi.dll module when allocating memory for an embedded image object. This can be exploited to cause a heap-based buffer overflow via, for example using a specially crafted JPEG object within a DOC file. OpenOffice.org 3.3.0 and 3.4 beta users are advised to upgrade to Apache OpenOffice 3.4. Users who are unable to upgrade immediately should be cautious when opening untrusted documents.
-
16:27
»
Packet Storm Security Recent Files
A vulnerability is caused due to an integer overflow error in the vclmi.dll module when allocating memory for an embedded image object. This can be exploited to cause a heap-based buffer overflow via, for example using a specially crafted JPEG object within a DOC file. OpenOffice.org 3.3.0 and 3.4 beta users are advised to upgrade to Apache OpenOffice 3.4. Users who are unable to upgrade immediately should be cautious when opening untrusted documents.
-
16:27
»
Packet Storm Security Misc. Files
A vulnerability is caused due to an integer overflow error in the vclmi.dll module when allocating memory for an embedded image object. This can be exploited to cause a heap-based buffer overflow via, for example using a specially crafted JPEG object within a DOC file. OpenOffice.org 3.3.0 and 3.4 beta users are advised to upgrade to Apache OpenOffice 3.4. Users who are unable to upgrade immediately should be cautious when opening untrusted documents.
-
-
15:45
»
Packet Storm Security Exploits
This Metasploit module exploits a buffer overflow in VLC media player VLC media player prior to 2.0.0. The vulnerability is due to a dangerous use of sprintf which can result in a stack buffer overflow when handling a malicious MMS URI. This Metasploit module uses the browser as attack vector. A specially crafted MMS URI is used to trigger the overflow and get flow control through SEH overwrite. Control is transferred to code located in the heap through a standard heap spray. The module only targets IE6 and IE7 because no DEP/ASLR bypass has been provided.
-
15:45
»
Packet Storm Security Recent Files
This Metasploit module exploits a buffer overflow in VLC media player VLC media player prior to 2.0.0. The vulnerability is due to a dangerous use of sprintf which can result in a stack buffer overflow when handling a malicious MMS URI. This Metasploit module uses the browser as attack vector. A specially crafted MMS URI is used to trigger the overflow and get flow control through SEH overwrite. Control is transferred to code located in the heap through a standard heap spray. The module only targets IE6 and IE7 because no DEP/ASLR bypass has been provided.
-
15:45
»
Packet Storm Security Misc. Files
This Metasploit module exploits a buffer overflow in VLC media player VLC media player prior to 2.0.0. The vulnerability is due to a dangerous use of sprintf which can result in a stack buffer overflow when handling a malicious MMS URI. This Metasploit module uses the browser as attack vector. A specially crafted MMS URI is used to trigger the overflow and get flow control through SEH overwrite. Control is transferred to code located in the heap through a standard heap spray. The module only targets IE6 and IE7 because no DEP/ASLR bypass has been provided.
-
-
11:58
»
Packet Storm Security Recent Files
This Metasploit module exploits a buffer overflow in Shadow Stream Recorder 3.0.1.7. Using the application to open a specially crafted asx file, a buffer overflow may occur to allow arbitrary code execution under the context of the user.
-
11:58
»
Packet Storm Security Misc. Files
This Metasploit module exploits a buffer overflow in Shadow Stream Recorder 3.0.1.7. Using the application to open a specially crafted asx file, a buffer overflow may occur to allow arbitrary code execution under the context of the user.
-
-
10:22
»
Packet Storm Security Exploits
BeyondCHM version 1.1 suffers from a buffer overflow vulnerability when handling a specially crafted chm file. Proof of concept included.
-
-
23:36
»
Packet Storm Security Exploits
Samsung devices with support for remote controllers suffer from endless restart and possible buffer overflow vulnerabilities. Proof of concept code included.
-
23:36
»
Packet Storm Security Recent Files
Samsung devices with support for remote controllers suffer from endless restart and possible buffer overflow vulnerabilities. Proof of concept code included.
-
23:36
»
Packet Storm Security Misc. Files
Samsung devices with support for remote controllers suffer from endless restart and possible buffer overflow vulnerabilities. Proof of concept code included.
-
16:23
»
Packet Storm Security Exploits
This Metasploit module exploits a buffer overflow in xRadio 0.95b. Using the application to import a specially crafted xrl file, a buffer overflow occurs allowing arbitrary code execution.
-
16:23
»
Packet Storm Security Recent Files
This Metasploit module exploits a buffer overflow in xRadio 0.95b. Using the application to import a specially crafted xrl file, a buffer overflow occurs allowing arbitrary code execution.
-
16:23
»
Packet Storm Security Misc. Files
This Metasploit module exploits a buffer overflow in xRadio 0.95b. Using the application to import a specially crafted xrl file, a buffer overflow occurs allowing arbitrary code execution.
-
-
12:38
»
Packet Storm Security Exploits
This Metasploit module exploits a stack-based buffer overflow in GSM SIM Editor 5.15. When opening a specially crafted .sms file in GSM SIM Editor a stack-based buffer overflow occurs which allows an attacker to execute arbitrary code.
-
12:38
»
Packet Storm Security Recent Files
This Metasploit module exploits a stack-based buffer overflow in GSM SIM Editor 5.15. When opening a specially crafted .sms file in GSM SIM Editor a stack-based buffer overflow occurs which allows an attacker to execute arbitrary code.
-
12:38
»
Packet Storm Security Misc. Files
This Metasploit module exploits a stack-based buffer overflow in GSM SIM Editor 5.15. When opening a specially crafted .sms file in GSM SIM Editor a stack-based buffer overflow occurs which allows an attacker to execute arbitrary code.
-
-
18:33
»
Packet Storm Security Exploits
This Metasploit module exploits a buffer overflow vulnerability in the Isig.isigCtl.1 ActiveX installed with IBM Tivoli Provisioning Manager Express for Software Distribution 4.1.1. The vulnerability is found in the "RunAndUploadFile" method where the "OtherFields" parameter with user controlled data is used to build a "Content-Disposition" header and attach contents in a insecure way which allows to overflow a buffer in the stack.
-
18:33
»
Packet Storm Security Recent Files
This Metasploit module exploits a buffer overflow vulnerability in the Isig.isigCtl.1 ActiveX installed with IBM Tivoli Provisioning Manager Express for Software Distribution 4.1.1. The vulnerability is found in the "RunAndUploadFile" method where the "OtherFields" parameter with user controlled data is used to build a "Content-Disposition" header and attach contents in a insecure way which allows to overflow a buffer in the stack.
-
18:33
»
Packet Storm Security Misc. Files
This Metasploit module exploits a buffer overflow vulnerability in the Isig.isigCtl.1 ActiveX installed with IBM Tivoli Provisioning Manager Express for Software Distribution 4.1.1. The vulnerability is found in the "RunAndUploadFile" method where the "OtherFields" parameter with user controlled data is used to build a "Content-Disposition" header and attach contents in a insecure way which allows to overflow a buffer in the stack.
-
-
18:02
»
Packet Storm Security Exploits
This Metasploit module exploits a buffer overflow in Csound before 5.16.6. The overflow occurs when trying to import a malicious hetro file from tabular format. In order to achieve exploitation the user should import the malicious file through csound with a command like "csound -U het_import msf.csd file.het". This exploit doesn't work if the "het_import" command is used directly to convert the file.
-
18:02
»
Packet Storm Security Recent Files
This Metasploit module exploits a buffer overflow in Csound before 5.16.6. The overflow occurs when trying to import a malicious hetro file from tabular format. In order to achieve exploitation the user should import the malicious file through csound with a command like "csound -U het_import msf.csd file.het". This exploit doesn't work if the "het_import" command is used directly to convert the file.
-
18:02
»
Packet Storm Security Misc. Files
This Metasploit module exploits a buffer overflow in Csound before 5.16.6. The overflow occurs when trying to import a malicious hetro file from tabular format. In order to achieve exploitation the user should import the malicious file through csound with a command like "csound -U het_import msf.csd file.het". This exploit doesn't work if the "het_import" command is used directly to convert the file.
-
-
18:52
»
Packet Storm Security Exploits
This Metasploit module creates a malicious .m3u file for a buffer overflow vulnerability in RM Downloader version 3.1.3.3.2010.06.26. It spawns calc.exe.
-
18:52
»
Packet Storm Security Recent Files
This Metasploit module creates a malicious .m3u file for a buffer overflow vulnerability in RM Downloader version 3.1.3.3.2010.06.26. It spawns calc.exe.
-
18:52
»
Packet Storm Security Misc. Files
This Metasploit module creates a malicious .m3u file for a buffer overflow vulnerability in RM Downloader version 3.1.3.3.2010.06.26. It spawns calc.exe.
-
-
20:23
»
Packet Storm Security Exploits
Presto! PageManager versions 9.01 and below suffer from heap overflow, arbitrary file downloading, and denial of service vulnerabilities.
-
19:54
»
Packet Storm Security Exploits
This Metasploit module exploits WM Downloader version 3.1.2.2.2010.04.15 that creates a malicious .m3u file that triggers a buffer overflow vulnerability to spawn calc.exe.
-
19:54
»
Packet Storm Security Recent Files
This Metasploit module exploits WM Downloader version 3.1.2.2.2010.04.15 that creates a malicious .m3u file that triggers a buffer overflow vulnerability to spawn calc.exe.
-
19:54
»
Packet Storm Security Misc. Files
This Metasploit module exploits WM Downloader version 3.1.2.2.2010.04.15 that creates a malicious .m3u file that triggers a buffer overflow vulnerability to spawn calc.exe.
-
-
20:32
»
Packet Storm Security Exploits
This Metasploit module exploits a stack-based buffer overflow in DJ Studio Pro 5.1.6.5.2. When handling a .pls file, DJ Studio will copy the user-supplied data on the stack without any proper bounds checking done beforehand, therefore allowing code execution under the context of the user.
-
20:32
»
Packet Storm Security Recent Files
This Metasploit module exploits a stack-based buffer overflow in DJ Studio Pro 5.1.6.5.2. When handling a .pls file, DJ Studio will copy the user-supplied data on the stack without any proper bounds checking done beforehand, therefore allowing code execution under the context of the user.
-
20:32
»
Packet Storm Security Misc. Files
This Metasploit module exploits a stack-based buffer overflow in DJ Studio Pro 5.1.6.5.2. When handling a .pls file, DJ Studio will copy the user-supplied data on the stack without any proper bounds checking done beforehand, therefore allowing code execution under the context of the user.
-
-
4:12
»
Packet Storm Security Exploits
This Metasploit module exploits a stack-based buffer overflow in DJ Studio Pro 5.1.6.5.2. An attacker must send the file to victim and the victim must open the file. Alternatively it may be possible to execute code remotely via an embedded PLS file within a browser, when the PLS extension is registered to DJ Studio Pro. This functionality has not been tested in this module.
-
4:12
»
Packet Storm Security Recent Files
This Metasploit module exploits a stack-based buffer overflow in DJ Studio Pro 5.1.6.5.2. An attacker must send the file to victim and the victim must open the file. Alternatively it may be possible to execute code remotely via an embedded PLS file within a browser, when the PLS extension is registered to DJ Studio Pro. This functionality has not been tested in this module.
-
4:12
»
Packet Storm Security Misc. Files
This Metasploit module exploits a stack-based buffer overflow in DJ Studio Pro 5.1.6.5.2. An attacker must send the file to victim and the victim must open the file. Alternatively it may be possible to execute code remotely via an embedded PLS file within a browser, when the PLS extension is registered to DJ Studio Pro. This functionality has not been tested in this module.
-
17:54
»
Packet Storm Security Recent Files
This Metasploit module exploits a stack buffer overflow in Wireshark versions 1.4.4 and below. When opening a malicious .pcap file in Wireshark, a stack buffer overflow occurs, resulting in arbitrary code execution.
-
17:54
»
Packet Storm Security Misc. Files
This Metasploit module exploits a stack buffer overflow in Wireshark versions 1.4.4 and below. When opening a malicious .pcap file in Wireshark, a stack buffer overflow occurs, resulting in arbitrary code execution.
-
-
15:16
»
Packet Storm Security Exploits
This Metasploit module exploits a stack buffer overflow in versions 2.112 of UltraPlayer by creating a specially crafted .m3u file. The file allows an attacker to execute arbitrary code.
-
15:16
»
Packet Storm Security Recent Files
This Metasploit module exploits a stack buffer overflow in versions 2.112 of UltraPlayer by creating a specially crafted .m3u file. The file allows an attacker to execute arbitrary code.
-
15:16
»
Packet Storm Security Misc. Files
This Metasploit module exploits a stack buffer overflow in versions 2.112 of UltraPlayer by creating a specially crafted .m3u file. The file allows an attacker to execute arbitrary code.
-
-
9:22
»
Packet Storm Security Exploits
This Metasploit module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.53 prior to NNM_01213 without the SSRT100649 hotfix. By specifying a long 'textFile' argument when calling the 'webappmon.exe' CGI program, an attacker can cause a stack-based buffer overflow and execute arbitrary code. The vulnerable code is within the "_OVBuildPath" function within "ov.dll". There are no stack cookies, so exploitation is achieved by overwriting the saved return address. The vulnerability is due to the use of the function "_OVConcatPath" which finally uses "strcat" in a insecure way. User controlled data is concatenated to a string which contains the OpenView installation path. To achieve reliable exploitation a directory traversal in OpenView5.exe (OSVDB 44359) is being used to retrieve OpenView logs and disclose the installation path.
-
9:22
»
Packet Storm Security Recent Files
This Metasploit module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.53 prior to NNM_01213 without the SSRT100649 hotfix. By specifying a long 'textFile' argument when calling the 'webappmon.exe' CGI program, an attacker can cause a stack-based buffer overflow and execute arbitrary code. The vulnerable code is within the "_OVBuildPath" function within "ov.dll". There are no stack cookies, so exploitation is achieved by overwriting the saved return address. The vulnerability is due to the use of the function "_OVConcatPath" which finally uses "strcat" in a insecure way. User controlled data is concatenated to a string which contains the OpenView installation path. To achieve reliable exploitation a directory traversal in OpenView5.exe (OSVDB 44359) is being used to retrieve OpenView logs and disclose the installation path.
-
9:22
»
Packet Storm Security Misc. Files
This Metasploit module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.53 prior to NNM_01213 without the SSRT100649 hotfix. By specifying a long 'textFile' argument when calling the 'webappmon.exe' CGI program, an attacker can cause a stack-based buffer overflow and execute arbitrary code. The vulnerable code is within the "_OVBuildPath" function within "ov.dll". There are no stack cookies, so exploitation is achieved by overwriting the saved return address. The vulnerability is due to the use of the function "_OVConcatPath" which finally uses "strcat" in a insecure way. User controlled data is concatenated to a string which contains the OpenView installation path. To achieve reliable exploitation a directory traversal in OpenView5.exe (OSVDB 44359) is being used to retrieve OpenView logs and disclose the installation path.
-
-
17:10
»
Packet Storm Security Exploits
This Metasploit module exploits a buffer overflow in BS.Player 2.57. When the playlist import is used to import a specially crafted m3u file, a buffer overflow occurs allowing arbitrary code execution.
-
17:10
»
Packet Storm Security Recent Files
This Metasploit module exploits a buffer overflow in BS.Player 2.57. When the playlist import is used to import a specially crafted m3u file, a buffer overflow occurs allowing arbitrary code execution.
-
17:10
»
Packet Storm Security Misc. Files
This Metasploit module exploits a buffer overflow in BS.Player 2.57. When the playlist import is used to import a specially crafted m3u file, a buffer overflow occurs allowing arbitrary code execution.
-
-
6:21
»
Packet Storm Security Exploits
This Metasploit module exploits Stream Down version 6.8.0 using a SEH based buffer overflow that is triggered when processing the server response packet. During the overflow a structured exception handler is overwritten.
-
6:21
»
Packet Storm Security Recent Files
This Metasploit module exploits Stream Down version 6.8.0 using a SEH based buffer overflow that is triggered when processing the server response packet. During the overflow a structured exception handler is overwritten.
-
6:21
»
Packet Storm Security Misc. Files
This Metasploit module exploits Stream Down version 6.8.0 using a SEH based buffer overflow that is triggered when processing the server response packet. During the overflow a structured exception handler is overwritten.
-
-
22:45
»
Packet Storm Security Exploits
This Metasploit module exploits a buffer overflow in OpenTFTP Server SP 1.4. The vulnerable condition triggers when the TFTP opcode is configured as an error packet, the TFTP service will then format the message using a sprintf() function, which causes an overflow, therefore allowing remote code execution under the context of SYSTEM. The offset (to EIP) is specific to how the TFTP was started (as a 'Stand Alone', or 'Service'). By default the target is set to 'Service' because that's the default configuration during OpenTFTP Server SP 1.4's installation.
-
22:45
»
Packet Storm Security Recent Files
This Metasploit module exploits a buffer overflow in OpenTFTP Server SP 1.4. The vulnerable condition triggers when the TFTP opcode is configured as an error packet, the TFTP service will then format the message using a sprintf() function, which causes an overflow, therefore allowing remote code execution under the context of SYSTEM. The offset (to EIP) is specific to how the TFTP was started (as a 'Stand Alone', or 'Service'). By default the target is set to 'Service' because that's the default configuration during OpenTFTP Server SP 1.4's installation.
-
22:45
»
Packet Storm Security Misc. Files
This Metasploit module exploits a buffer overflow in OpenTFTP Server SP 1.4. The vulnerable condition triggers when the TFTP opcode is configured as an error packet, the TFTP service will then format the message using a sprintf() function, which causes an overflow, therefore allowing remote code execution under the context of SYSTEM. The offset (to EIP) is specific to how the TFTP was started (as a 'Stand Alone', or 'Service'). By default the target is set to 'Service' because that's the default configuration during OpenTFTP Server SP 1.4's installation.
-
-
13:40
»
Packet Storm Security Exploits
IrfanView suffers from a heap-based buffer overflow vulnerability when parsing malicious TIFF images. Proof of concept exploit included.
-
7:47
»
Packet Storm Security Advisories
Secunia Research has discovered a vulnerability in Sterling Trader, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error in Base.exe when processing network requests (code 176). This can be exploited to cause a stack-based buffer overflow via a specially crafted packet sent to a certain TCP port. Successful exploitation allows execution of arbitrary code, but requires guessing the TCP port, which is dynamically assigned. Version 7.0.2 is affected.
-
7:47
»
Packet Storm Security Recent Files
Secunia Research has discovered a vulnerability in Sterling Trader, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error in Base.exe when processing network requests (code 176). This can be exploited to cause a stack-based buffer overflow via a specially crafted packet sent to a certain TCP port. Successful exploitation allows execution of arbitrary code, but requires guessing the TCP port, which is dynamically assigned. Version 7.0.2 is affected.
-
7:47
»
Packet Storm Security Misc. Files
Secunia Research has discovered a vulnerability in Sterling Trader, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error in Base.exe when processing network requests (code 176). This can be exploited to cause a stack-based buffer overflow via a specially crafted packet sent to a certain TCP port. Successful exploitation allows execution of arbitrary code, but requires guessing the TCP port, which is dynamically assigned. Version 7.0.2 is affected.
-
-
5:11
»
Packet Storm Security Advisories
Secunia Research has discovered two vulnerabilities in Winamp version 5.622, which can be exploited by malicious people to compromise a user's system. An integer overflow error in the in_avi.dll plugin when allocating memory using the number of streams header value can be exploited to cause a heap-based buffer overflow via a specially crafted AVI file. An integer overflow error in the in_avi.dll plugin when allocating memory using the RIFF INFO chunk's size value can be exploited to cause a heap-based buffer overflow via a specially crafted AVI file.
-
5:11
»
Packet Storm Security Recent Files
Secunia Research has discovered two vulnerabilities in Winamp version 5.622, which can be exploited by malicious people to compromise a user's system. An integer overflow error in the in_avi.dll plugin when allocating memory using the number of streams header value can be exploited to cause a heap-based buffer overflow via a specially crafted AVI file. An integer overflow error in the in_avi.dll plugin when allocating memory using the RIFF INFO chunk's size value can be exploited to cause a heap-based buffer overflow via a specially crafted AVI file.
-
5:11
»
Packet Storm Security Misc. Files
Secunia Research has discovered two vulnerabilities in Winamp version 5.622, which can be exploited by malicious people to compromise a user's system. An integer overflow error in the in_avi.dll plugin when allocating memory using the number of streams header value can be exploited to cause a heap-based buffer overflow via a specially crafted AVI file. An integer overflow error in the in_avi.dll plugin when allocating memory using the RIFF INFO chunk's size value can be exploited to cause a heap-based buffer overflow via a specially crafted AVI file.
-
-
9:22
»
Packet Storm Security Exploits
SopCast suffers from a stack-based buffer overflow vulnerability when parsing the user input using the SoP protocol in sopocx.ocx module allowing the attacker to gain system access and execute arbitrary code on the affected machine. Version 3.4.7.45585 is affected.
-
9:22
»
Packet Storm Security Recent Files
SopCast suffers from a stack-based buffer overflow vulnerability when parsing the user input using the SoP protocol in sopocx.ocx module allowing the attacker to gain system access and execute arbitrary code on the affected machine. Version 3.4.7.45585 is affected.
-
9:22
»
Packet Storm Security Misc. Files
SopCast suffers from a stack-based buffer overflow vulnerability when parsing the user input using the SoP protocol in sopocx.ocx module allowing the attacker to gain system access and execute arbitrary code on the affected machine. Version 3.4.7.45585 is affected.
-
-
16:35
»
Packet Storm Security Exploits
This Metasploit module exploits a stack buffer overflow in the site chmod command in versions of Serv-U FTP Server prior to 4.2. You must have valid credentials to trigger this vulnerability. Exploitation also leaves the service in a non-functional state.
-
16:35
»
Packet Storm Security Recent Files
This Metasploit module exploits a stack buffer overflow in the site chmod command in versions of Serv-U FTP Server prior to 4.2. You must have valid credentials to trigger this vulnerability. Exploitation also leaves the service in a non-functional state.
-
16:35
»
Packet Storm Security Misc. Files
This Metasploit module exploits a stack buffer overflow in the site chmod command in versions of Serv-U FTP Server prior to 4.2. You must have valid credentials to trigger this vulnerability. Exploitation also leaves the service in a non-functional state.
-
-
16:03
»
Packet Storm Security Exploits
This Metasploit module exploits a stack based buffer overflow in CCMPlayer 1.5. Opening a m3u playlist with a long track name, a SEH exception record can be overwritten with parts of the controllable buffer. SEH execution is triggered after an invalid read of an injectable address, thus allowing arbitrary code execution.
-
16:03
»
Packet Storm Security Recent Files
This Metasploit module exploits a stack based buffer overflow in CCMPlayer 1.5. Opening a m3u playlist with a long track name, a SEH exception record can be overwritten with parts of the controllable buffer. SEH execution is triggered after an invalid read of an injectable address, thus allowing arbitrary code execution.
-
16:03
»
Packet Storm Security Misc. Files
This Metasploit module exploits a stack based buffer overflow in CCMPlayer 1.5. Opening a m3u playlist with a long track name, a SEH exception record can be overwritten with parts of the controllable buffer. SEH execution is triggered after an invalid read of an injectable address, thus allowing arbitrary code execution.
-
-
16:51
»
Packet Storm Security Exploits
3S CoDeSys versions 3.4 SP4 Patch 2 and below suffer from integer overflow, stack overflow, folder creation and multiple NULL pointer vulnerabilities.
-
16:51
»
Packet Storm Security Recent Files
3S CoDeSys versions 3.4 SP4 Patch 2 and below suffer from integer overflow, stack overflow, folder creation and multiple NULL pointer vulnerabilities.
-
16:51
»
Packet Storm Security Misc. Files
3S CoDeSys versions 3.4 SP4 Patch 2 and below suffer from integer overflow, stack overflow, folder creation and multiple NULL pointer vulnerabilities.
-
-
17:02
»
Packet Storm Security Recent Files
This Metasploit module exploits a stack based buffer overflow found in Free MP3 CD Ripper 1.1. The overflow is triggered when an unsuspecting user opens a malicious WAV file.
-
17:02
»
Packet Storm Security Misc. Files
This Metasploit module exploits a stack based buffer overflow found in Free MP3 CD Ripper 1.1. The overflow is triggered when an unsuspecting user opens a malicious WAV file.
-
7:44
»
Packet Storm Security Exploits
This Metasploit module exploits a stack based buffer overflow found in Mini-Stream RM-MP3 Converter version 3.1.2.1. The overflow is triggered when an unsuspecting victim opens the malicious PLS file.
-
7:44
»
Packet Storm Security Recent Files
This Metasploit module exploits a stack based buffer overflow found in Mini-Stream RM-MP3 Converter version 3.1.2.1. The overflow is triggered when an unsuspecting victim opens the malicious PLS file.
-
7:44
»
Packet Storm Security Misc. Files
This Metasploit module exploits a stack based buffer overflow found in Mini-Stream RM-MP3 Converter version 3.1.2.1. The overflow is triggered when an unsuspecting victim opens the malicious PLS file.
-
-
17:30
»
Packet Storm Security Exploits
This exploit leverages a buffer overflow vulnerability in the XDB.XDB_PITRIG_PKG.PITRIG_DROPMETADATA procedure in Oracle 10g R2 in order to execute arbitrary code.
-
17:30
»
Packet Storm Security Recent Files
This exploit leverages a buffer overflow vulnerability in the XDB.XDB_PITRIG_PKG.PITRIG_DROPMETADATA procedure in Oracle 10g R2 in order to execute arbitrary code.
-
17:30
»
Packet Storm Security Misc. Files
This exploit leverages a buffer overflow vulnerability in the XDB.XDB_PITRIG_PKG.PITRIG_DROPMETADATA procedure in Oracle 10g R2 in order to execute arbitrary code.
-
7:34
»
Packet Storm Security Exploits
Oracle Hyperion Strategic Finance client version 12.x Tidestone Formula One workbook OLE control TTF16 (6.3.5 Build 1) SetDevNames() remote heap overflow exploit.
-
7:34
»
Packet Storm Security Recent Files
Oracle Hyperion Strategic Finance client version 12.x Tidestone Formula One workbook OLE control TTF16 (6.3.5 Build 1) SetDevNames() remote heap overflow exploit.
-
7:34
»
Packet Storm Security Misc. Files
Oracle Hyperion Strategic Finance client version 12.x Tidestone Formula One workbook OLE control TTF16 (6.3.5 Build 1) SetDevNames() remote heap overflow exploit.
-
-
7:54
»
Packet Storm Security Advisories
An exploitable integer overflow in Apache allows a remote attacker to crash the process or perform execution of arbitrary code as the user running Apache. To exploit the vulnerability, a crafted .htaccess file has to be placed on the server.
-
7:54
»
Packet Storm Security Recent Files
An exploitable integer overflow in Apache allows a remote attacker to crash the process or perform execution of arbitrary code as the user running Apache. To exploit the vulnerability, a crafted .htaccess file has to be placed on the server.
-
7:54
»
Packet Storm Security Misc. Files
An exploitable integer overflow in Apache allows a remote attacker to crash the process or perform execution of arbitrary code as the user running Apache. To exploit the vulnerability, a crafted .htaccess file has to be placed on the server.
-
-
16:24
»
Packet Storm Security Exploits
This Metasploit module exploits a buffer overflow in HP Power Manager's 'formExportDataLogs'. By creating a malformed request specifically for the fileName parameter, a stack-based buffer overflow occurs due to a long error message (which contains the fileName), which may result in arbitrary remote code execution under the context of 'SYSTEM'.
-
16:24
»
Packet Storm Security Recent Files
This Metasploit module exploits a buffer overflow in HP Power Manager's 'formExportDataLogs'. By creating a malformed request specifically for the fileName parameter, a stack-based buffer overflow occurs due to a long error message (which contains the fileName), which may result in arbitrary remote code execution under the context of 'SYSTEM'.
-
16:24
»
Packet Storm Security Misc. Files
This Metasploit module exploits a buffer overflow in HP Power Manager's 'formExportDataLogs'. By creating a malformed request specifically for the fileName parameter, a stack-based buffer overflow occurs due to a long error message (which contains the fileName), which may result in arbitrary remote code execution under the context of 'SYSTEM'.
-
-
22:48
»
Packet Storm Security Advisories
G-WAN suffers from multiple vulnerabilities. A buffer overflow issue exists in the routine handling URL encoding for the "csp" (so called G-WAN servlets) sub-directory. Exploiting the vulnerability results in remotely being able to execute shellcode on the system. SIGPIPE signals were not handled correctly. Exploiting the vulnerability resulted in denial of service.
-
22:48
»
Packet Storm Security Recent Files
G-WAN suffers from multiple vulnerabilities. A buffer overflow issue exists in the routine handling URL encoding for the "csp" (so called G-WAN servlets) sub-directory. Exploiting the vulnerability results in remotely being able to execute shellcode on the system. SIGPIPE signals were not handled correctly. Exploiting the vulnerability resulted in denial of service.
-
22:48
»
Packet Storm Security Misc. Files
G-WAN suffers from multiple vulnerabilities. A buffer overflow issue exists in the routine handling URL encoding for the "csp" (so called G-WAN servlets) sub-directory. Exploiting the vulnerability results in remotely being able to execute shellcode on the system. SIGPIPE signals were not handled correctly. Exploiting the vulnerability resulted in denial of service.
-
15:35
»
Packet Storm Security Exploits
AmmSoft's ScriptFTP client is susceptible to a remote buffer overflow vulnerability that is triggered when processing a sufficiently long filename during a FTP LIST command resulting in overwriting the exception handler. Social engineering of executing a specially crafted ftp file by double click will result in connecting to our malicious server and perform arbitrary code execution which allows the attacker to gain the same rights as the user running ScriptFTP.
-
15:35
»
Packet Storm Security Recent Files
AmmSoft's ScriptFTP client is susceptible to a remote buffer overflow vulnerability that is triggered when processing a sufficiently long filename during a FTP LIST command resulting in overwriting the exception handler. Social engineering of executing a specially crafted ftp file by double click will result in connecting to our malicious server and perform arbitrary code execution which allows the attacker to gain the same rights as the user running ScriptFTP.
-
15:35
»
Packet Storm Security Misc. Files
AmmSoft's ScriptFTP client is susceptible to a remote buffer overflow vulnerability that is triggered when processing a sufficiently long filename during a FTP LIST command resulting in overwriting the exception handler. Social engineering of executing a specially crafted ftp file by double click will result in connecting to our malicious server and perform arbitrary code execution which allows the attacker to gain the same rights as the user running ScriptFTP.
-
15:35
»
Packet Storm Security Exploits
This Metasploit module exploits a buffer overflow in ACDSee FotoSlate 4.0 Build 146 via a specially crafted id parameter in a String element. When viewing a malicious PLP file with the ACDSee FotoSlate product, a remote attacker could overflow a buffer and execute arbitrary code. This exploit has been tested on systems such as Windows XP SP3, Windows Vista, and Windows 7.
-
15:35
»
Packet Storm Security Recent Files
This Metasploit module exploits a buffer overflow in ACDSee FotoSlate 4.0 Build 146 via a specially crafted id parameter in a String element. When viewing a malicious PLP file with the ACDSee FotoSlate product, a remote attacker could overflow a buffer and execute arbitrary code. This exploit has been tested on systems such as Windows XP SP3, Windows Vista, and Windows 7.
-
15:35
»
Packet Storm Security Misc. Files
This Metasploit module exploits a buffer overflow in ACDSee FotoSlate 4.0 Build 146 via a specially crafted id parameter in a String element. When viewing a malicious PLP file with the ACDSee FotoSlate product, a remote attacker could overflow a buffer and execute arbitrary code. This exploit has been tested on systems such as Windows XP SP3, Windows Vista, and Windows 7.
-
-
10:13
»
Packet Storm Security Advisories
Secunia Research has discovered a vulnerability in Autonomy Keyview, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by an integer overflow error in the Ichitaro speed reader (jtdsr.dll) when parsing QLST chunks and can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code. Version 10.3 is affected.
-
10:13
»
Packet Storm Security Recent Files
Secunia Research has discovered a vulnerability in Autonomy Keyview, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by an integer overflow error in the Ichitaro speed reader (jtdsr.dll) when parsing QLST chunks and can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code. Version 10.3 is affected.
-
10:13
»
Packet Storm Security Misc. Files
Secunia Research has discovered a vulnerability in Autonomy Keyview, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by an integer overflow error in the Ichitaro speed reader (jtdsr.dll) when parsing QLST chunks and can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code. Version 10.3 is affected.
1337day (was: Inj3ct0r, 1337db)
OSVDB Vulnerabilities
Exploit-DB
SecurityFocus Vulnerabilities
Bugtraq
XSSed
Sophos security news
Penetration Testing
SecuriTeam
BackTrack Linux Forums
Threatpost
SecDocs
carnal0wnage.attackresearch.com
Carnal0wnage
Darknet
The Exploitant
Hack a Day
Wirevolution