1731 items tagged "buffer overflow"
-
-
15:48
»
Packet Storm Security Exploits
This Metasploit module exploits a stack buffer overflow in Enterasys NetSight. The vulnerability exists in the Syslog service (nssylogd.exe) when parsing a specially crafted PRIO from a syslog message. The module has been tested successfully on Enterasys NetSight 4.0.1.34 over Windows XP SP3 and Windows 2003 SP2.
-
-
8:30
»
Packet Storm Security Exploits
This is an exploit for a stack buffer overflow in the NVidia Display Driver Service. The service listens on a named pipe (\pipe\nsvr) which has a NULL DACL configured, which should mean that any logged-on user or remote user in a domain context (Windows firewall/file sharing permitting) should be able to exploit this vulnerability.
-
-
21:46
»
Packet Storm Security Exploits
This Metasploit module exploits a stack buffer overflow in HP Data Protector 4.0 SP1. The overflow occurs during the login process, in the DtbClsLogin function provided by the dpwindtb.dll component, where Utf8Cpy (a strcpy-like function) is used in an insecure way with the username. Successful exploitation will lead to code execution with the privileges of the "dpwinsdr.exe" (HP Data Protector Express Domain Server Service) process, which runs as SYSTEM by default.
-
-
21:31
»
Packet Storm Security Exploits
NVIDIA Install Application version 2.1002.85.551 (NVI2.dll) unicode buffer overflow proof of concept exploit. The vulnerability is caused by a boundary error in NVI2.DLL when handling the value assigned to the 'pDirectory' string variable in the 'AddPackages' function and can be exploited to cause a unicode buffer overflow by inserting an overly long array of data, which may lead to execution of arbitrary code.
-
-
18:00
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2012-176 - A heap-buffer overflow was found in the way libxml2 decoded certain XML entities. A remote attacker could provide a specially-crafted XML file, which once opened in an application linked against libxml would cause that application to crash, or, potentially, execute arbitrary code with the privileges of the user running the application. The updated packages have been patched to correct this issue.
-
17:27
»
Packet Storm Security Advisories
Debian Linux Security Advisory 2580-1 - Jueri Aedla discovered a buffer overflow in the libxml XML library, which could result in the execution of arbitrary code.
-
-
11:22
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2012-175 - Multiple double free(), buffer overflow, invalid free() and improper overflow checks vulnerabilities were found and corrected in libssh. The updated packages have been upgraded to the 0.5.3 version which is not affected by these issues.
-
-
22:44
»
Packet Storm Security Exploits
This Metasploit module exploits a buffer overflow in Apple QuickTime 7.7.2. The stack-based overflow occurs when processing a malformed Content-Type header. The module has been tested successfully on Safari 5.1.7 and 5.0.7 on Windows XP SP3.
-
-
15:57
»
Packet Storm Security Advisories
Red Hat Security Advisory 2012-1482-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. A buffer overflow flaw was found in the way Firefox handled GIF images. A web page containing a malicious GIF image could cause Firefox to crash or, possibly, execute arbitrary code with the privileges of the user running Firefox.
-
15:57
»
Packet Storm Security Advisories
Red Hat Security Advisory 2012-1483-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. A buffer overflow flaw was found in the way Thunderbird handled GIF images. Content containing a malicious GIF image could cause Thunderbird to crash or, possibly, execute arbitrary code with the privileges of the user running Thunderbird.
-
-
7:10
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2012-171 - A buffer overflow flaw was found in the IcedTea-Web plug-in. Visiting a malicious web page could cause a web browser using the IcedTea-Web plug-in to crash or, possibly, execute arbitrary code. The updated packages have been upgraded to the 1.1.7 version which is not affected by this issue.
-
-
16:17
»
Packet Storm Security Advisories
Red Hat Security Advisory 2012-1434-01 - The IcedTea-Web project provides a Java web browser plug-in and an implementation of Java Web Start, which is based on the Netx project. It also contains a configuration tool for managing deployment settings for the plug-in and Web Start implementations. A buffer overflow flaw was found in the IcedTea-Web plug-in. Visiting a malicious web page could cause a web browser using the IcedTea-Web plug-in to crash or, possibly, execute arbitrary code.
-
16:17
»
Packet Storm Security Advisories
Ubuntu Security Notice 1625-1 - Arthur Gerkis discovered a buffer overflow in the Icedtea-Web plugin. If a user were tricked into opening a malicious website, an attacker could cause the plugin to crash or possibly execute arbitrary code as the user invoking the program.
-
-
17:52
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability found in Aladdin Knowledge System's ActiveX component. By supplying a long string of data to the ChooseFilePath() function, a buffer overflow occurs, which may result in remote code execution under the context of the user.
-
-
8:17
»
Packet Storm Security Exploits
The Aladdin Knowledge System Ltd. PrivAgent active-x control version 2.0 suffers from buffer overflow and insecure file download vulnerabilities. Buffer overflow proof of concept included.
-
-
18:32
»
Packet Storm Security Advisories
Debian Linux Security Advisory 2561-1 - It was discovered that a buffer overflow in libtiff's parsing of files using PixarLog compression could lead to the execution of arbitrary code.
-
-
17:37
»
Packet Storm Security Exploits
This Metasploit module exploits a stack buffer overflow in Avaya WinPMD. The vulnerability exists in the UniteHostRouter service, due to the insecure usage of memcpy when parsing specially crafted "To:" headers. The module has been tested successfully on Avaya WinPMD 3.8.2 over Windows XP SP3 and Windows 2003 SP2.
-
-
16:56
»
Packet Storm Security Advisories
Gentoo Linux Security Advisory 201209-19 - A buffer overflow in NUT might allow remote attackers to execute arbitrary code. Versions less than 2.6.3 are affected.
-
8:20
»
Packet Storm Security Advisories
Gentoo Linux Security Advisory 201209-17 - A buffer overflow in Pidgin might allow remote attackers to execute arbitrary code or cause Denial of Service. Versions less than 2.10.6 are affected.
-
-
0:01
»
Packet Storm Security Advisories
Gentoo Linux Security Advisory 201209-7 - A buffer overflow in International Components for Unicode could result in execution of arbitrary code or Denial of Service. Versions less than 49.1.1-r1 are affected.
-
-
23:44
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability found in NTR ActiveX 1.1.8. The vulnerability exists in the Check() method, due to the insecure usage of strcat to build a URL using the bstrParams parameter contents, which leads to code execution under the context of the user visiting a malicious web page. In order to bypass DEP and ASLR on Windows Vista and Windows 7, JRE 6 is needed.
-
-
14:00
»
0day.today (was: 1337day, Inj3ct0r, 1337db)
[local exploits] - NCMedia Sound Editor Pro v7.5.1 MRUList201202.dat File Handling Buffer Overflow
-
-
14:00
»
0day.today (was: 1337day, Inj3ct0r, 1337db)
[local exploits] - CAS Modbus RTU Parser Buffer Overflow Exploit
-
-
14:00
»
0day.today (was: 1337day, Inj3ct0r, 1337db)
[local exploits] - Winamp MAKI Buffer Overflow
-
-
14:00
»
0day.today (was: 1337day, Inj3ct0r, 1337db)
[dos / poc] - CAS Modbus RTU Parser Buffer Overflow SEH (PoC)
-
-
14:00
»
0day.today (was: 1337day, Inj3ct0r, 1337db)
[remote exploits] - ActiveFax (ActFax) 4.3 Client Importer Buffer Overflow
-
14:00
»
0day.today (was: 1337day, Inj3ct0r, 1337db)
[local exploits] - ActiveFax (ActFax) 4.3 Client Importer Buffer Overflow
-
-
14:00
»
0day.today (was: 1337day, Inj3ct0r, 1337db)
[dos / poc] - CAS Modbus RTU Parser Buffer Overflow SEH
-
-
14:00
»
0day.today (was: 1337day, Inj3ct0r, 1337db)
[local exploits] - SAP NetWeaver Dispatcher DiagTraceR3Info Buffer Overflow
-
-
20:43
»
Packet Storm Security Exploits
Express Burn Plus version 4.58 suffers from a vulnerability that is caused due to a boundary error in the processing of a project file, which can be exploited to cause a unicode buffer overflow when a user opens e.g. a specially crafted .EBP file. Successful exploitation could allow execution of arbitrary code on the affected machine.
-
-
19:52
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 12-164 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the img.exe component, which listens by default on TCP port 8800. When handling message packets, the process performs arithmetic on unvalidated user-supplied values used to determine the size of a new heap buffer, allowing a potential integer wrap to cause a heap buffer overflow. By sending a specially crafted packet, an attacker can leverage this vulnerability to execute code under the context of the user.
-
-
17:38
»
Packet Storm Security Advisories
Gentoo Linux Security Advisory 201208-1 - A buffer overflow in socat might allow remote attackers to execute arbitrary code. Versions less than 1.7.2.1 are affected.
-
-
14:00
»
0day.today (was: 1337day, Inj3ct0r, 1337db)
[remote exploits] - Simple Web Server Connection Header Buffer Overflow
-
-
14:00
»
0day.today (was: 1337day, Inj3ct0r, 1337db)
[remote exploits] - Novell ZENworks Configuration Management Preboot Service 0x6c Buffer Overflow
-
14:00
»
0day.today (was: 1337day, Inj3ct0r, 1337db)
[remote exploits] - Novell ZENworks Configuration Management Preboot Service 0x4c Buffer Overflow
-
14:00
»
0day.today (was: 1337day, Inj3ct0r, 1337db)
[remote exploits] - Novell ZENworks Configuration Management Preboot Service 0x06 Buffer Overflow
-
14:00
»
0day.today (was: 1337day, Inj3ct0r, 1337db)
[remote exploits] - Novell ZENworks Configuration Management Preboot Service 0x21 Buffer Overflow
-
-
14:36
»
Packet Storm Security Advisories
Secunia Research has discovered a vulnerability in Cisco Linksys PlayerPT ActiveX Control, which can be exploited by malicious people to compromise a user's system. Successful exploitation allows execution of arbitrary code. Cisco Linksys PlayerPT ActiveX Control version 1.0.0.15 is affected. Other versions may also be affected.
-
-
21:58
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 12-125 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Quicktime.qts. The stack buffer overflow occurs as a result of an unbounded string copy function in Quicktime.qts, reachable through the IQTPluginControl::SetLanguage COM method exposed by the COM object QTPlugin.ocx. This vulnerability can be leveraged to execute code under the context of the user.
-
21:57
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 12-124 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC Autostart. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ftAgent.exe service, which listens by default on TCP port 8045. When handling messages with opcode 50 (0x32) and subcode 42 (0x2a), the process performs arithmetic on an unvalidated user-supplied value used to determine the size of a new heap buffer, allowing a potential integer wrap to cause a heap buffer overflow. This vulnerability can be leveraged to execute code under the context of the SYSTEM user.
-
21:57
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2012-105 - Incorrect handling of inline images in incoming instant messages can cause a buffer overflow and in some cases can be exploited to execute arbitrary code. This update provides pidgin 2.10.6, which is not vulnerable to this issue.
-
21:54
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 12-123 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC Autostart. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ftAgent.exe service, which listens by default on TCP port 8045. When handling messages with opcode 50 (0x32) and subcode 60 (0xe9), the process performs arithmetic on an unvalidated user-supplied value used to determine the size of a new heap buffer, allowing a potential integer wrap to cause a heap buffer overflow. This vulnerability can be leveraged to execute code under the context of the SYSTEM user.
-
21:50
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 12-122 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC Autostart. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ftAgent.exe service, which listens by default on TCP port 8045. When handling messages with opcode 65 (0x41) and subcode 18 (0x12), the process performs arithmetic on an unvalidated user-supplied value used to determine the size of a new heap buffer, allowing a potential integer wrap to cause a heap buffer overflow. This vulnerability can be leveraged to execute code under the context of the SYSTEM user.
-
21:28
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 12-121 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC Autostart. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ftAgent.exe service, which listens by default on TCP port 8045. When handling messages with opcode 85 (0x55) and subcode 01, the process performs arithmetic on an unvalidated user-supplied value used to determine the size of a new heap buffer, allowing a potential integer wrap to cause a heap buffer overflow. This vulnerability can be leveraged to execute code under the context of the SYSTEM user.
-
21:18
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 12-120 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC Autostart. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ftAgent.exe service, which listens by default on TCP port 8045. When handling messages with opcode 85 (0x55) and subcode 22 (0x16), the process performs arithmetic on an unvalidated user-supplied value used to determine the size of a new heap buffer, allowing a potential integer wrap to cause a heap buffer overflow. This vulnerability can be leveraged to execute code under the context of the SYSTEM user.
-
21:15
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 12-118 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC Autostart. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ftAgent.exe service, which listens by default on TCP port 8045. When handling messages with opcode 03 and subcode 04, the process performs arithmetic on an unvalidated user-supplied value used to determine the size of a new heap buffer, allowing a potential integer wrap to cause a heap buffer overflow. This vulnerability can be leveraged to execute code under the context of the SYSTEM user.
-
21:14
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 12-117 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC Autostart. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ftAgent.exe service, which listens by default on TCP port 8045. When handling messages with opcode 50 (0x32) and subcode 02, the process performs arithmetic on an unvalidated user-supplied value used to determine the size of a new heap buffer, allowing a potential integer wrap to cause a heap buffer overflow. This vulnerability can be leveraged to execute code under the context of the SYSTEM user.
-
-
8:17
»
Packet Storm Security Advisories
Debian Linux Security Advisory 2509-1 - Ulf Harnhammar found a buffer overflow in Pidgin, a multi-protocol instant messaging client. The vulnerability can be exploited by an incoming message in the MXit protocol plugin. A remote attacker may cause a crash and, in some circumstances, achieve remote code execution.
-
-
16:18
»
Packet Storm Security Exploits
This Metasploit module exploits a stack buffer overflow in Poison Ivy 2.3.2 C&C server. The exploit does not need to know the password chosen for the bot/server communication. If the C&C is configured with the default 'admin' password, the exploit should work fine. If the C&C is configured with another password, the exploit can fail. The 'check' command can be used to determine if the C&C target is using the default 'admin' password. Hopefully an exploit try won't crash the Poison Ivy C&C process, just the thread responsible for handling the connection. Because of this the module provides the RANDHEADER option and a bruteforce target. If RANDHEADER is used a random header will be used. If the bruteforce target is selected, a random header will be sent in case the default for the password 'admin' doesn't work. Bruteforce will stop after 5 tries or once a session is obtained.
-
-
16:56
»
Packet Storm Security Exploits
This Metasploit module exploits a stack buffer overflow in HP Data Protector 5. The overflow occurs in the creation of new folders, where the name of the folder is handled in an insecure way by the dpwindtb.dll component. While the overflow occurs in the stack, the folder name is split in fragments in this insecure copy. Because of this, this module uses egg hunting to search for a non-corrupted copy of the payload in the heap. On the other hand, the overflowed buffer is stored in a frame protected by stack cookies; because of this, an SEH handler overwrite is used. Any user of HP Data Protector Express is able to create new folders and trigger the vulnerability. Moreover, in the default installation the 'Admin' user has an empty password. Successful exploitation will lead to code execution with the privileges of the "dpwinsdr.exe" (HP Data Protector Express Domain Server Service) process, which runs as SYSTEM by default.
-
-
16:45
»
Packet Storm Security Advisories
Red Hat Security Advisory 2012-1043-01 - libwpd is a library for reading and converting Corel WordPerfect Office documents. A buffer overflow flaw was found in the way libwpd processed certain Corel WordPerfect Office documents. An attacker could provide a specially-crafted .wpd file that, when opened in an application linked against libwpd, such as OpenOffice.org, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. All libwpd users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications that are linked against libwpd must be restarted for this update to take effect.
-
-
20:40
»
Packet Storm Security Exploits
Core Security Technologies Advisory - Lattice Diamond Programmer is vulnerable to client-side attacks, which can be exploited by remote attackers to run arbitrary code by sending specially crafted '.xcf' files.
-
-
22:26
»
Packet Storm Security Exploits
This Metasploit module exploits a stack buffer overflow in iTunes 10.4.0.80 to 10.6.1.7. When opening an extended .m3u file containing an "#EXTINF:" tag description, iTunes will copy the content after "#EXTINF:" without appropriate checking from a heap buffer to a stack buffer and write beyond the stack buffer's boundary. This allows arbitrary code execution. The Windows XP target has to have QuickTime 7.7.2 installed for this module to work. It uses a ROP chain from a non safeSEH enabled DLL to bypass DEP and safeSEH. The stack cookie check is bypassed by triggering an SEH exception.
-
-
18:40
»
Packet Storm Security Exploits
This Metasploit module exploits a stack buffer overflow in the EZHomeTech EZServer. If a malicious user sends packets containing an overly long string, it may be possible to execute a payload remotely. Due to size constraints, this module uses the Egghunter technique.
-
-
10:09
»
Packet Storm Security Advisories
Debian Linux Security Advisory 2495-1 - A buffer overflow was discovered in OpenConnect, a client for the Cisco AnyConnect VPN, which could result in denial of service.
-
-
20:00
»
Packet Storm Security Exploits
This Metasploit module exploits a buffer overflow in MMPlayer 2.2. The vulnerability is triggered when opening a malformed M3U/PPL file that contains an overly long string, which results in overwriting an SEH record, thus allowing arbitrary code execution under the context of the user.
-
-
15:19
»
Packet Storm Security Exploits
This Metasploit module exploits the ComSndFTP FTP Server version 1.3.7 beta by sending a specially crafted format string specifier as a username. The crafted username is sent to the server to overwrite the hardcoded function pointer from Ws2_32.dll!WSACleanup. Once this function pointer is triggered, the code bypasses DEP and then repairs the pointer to execute arbitrary code. The SEH exit function is preferred so that the administrators are not left with an unhandled exception message. When using the meterpreter payload, the process will never die, allowing for continuous exploitation.
-
-
15:20
»
Packet Storm Security Advisories
Apple Security Advisory 2012-06-11-1 - iTunes 10.6.3 is now available and addresses multiple issues. Importing a maliciously crafted .m3u playlist may lead to an unexpected application termination or arbitrary code execution. Description: A heap buffer overflow existed in the handling of .m3u playlists. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. Description: A memory corruption issue existed in WebKit.
-
15:09
»
Packet Storm Security Exploits
Apple iTunes version 10.6.1.7 M3U playlist file walking heap buffer overflow proof of concept exploit. This also affects 10.6.0.40.
-
-
17:03
»
Packet Storm Security Recent Files
Alphanumeric shellcode is similar to ASCII shellcode in that it is used to bypass character filters and evade intrusion detection during buffer overflow exploitation. This article documents alphanumeric code on multiple architectures, but primarily the 64-bit x86 architecture. Alphanumeric shellcode requires a basic understanding of bitwise math, assembly and shellcode.
-
-
10:38
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability in the CNC_Ctrl.dll ActiveX installed with the Samsung NET-i viewer 1.37. Specifically, when supplying a long string for the fname parameter to the BackupToAvi method, an integer overflow occurs, which leads to a subsequent buffer overflow due to the use of memcpy with an incorrect size, resulting in remote code execution under the context of the user.
-
-
17:45
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 12-089 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable applications using DataDirect's SequeLink. Authentication is not required to exploit this vulnerability. The specific flaw exists within how the application processes GIOP packets. When processing a specific GIOP packet, the application will trust a size field in the packet. The application will use this size in a copy operation into a statically sized buffer which can cause a buffer overflow. This can lead to code execution under the context of the service.
-
17:45
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 12-088 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP DataDirect SequeLink. Authentication is not required to exploit this vulnerability. The specific flaw exists within how the application parses a packet that is received. When parsing a field in this packet, the application will use a signed length to copy data into a statically sized buffer located on the stack. This can lead to a buffer overflow on the stack and allow for code execution under the context of the service.