Lucene search
K

796 matches found

Hacker One
Hacker One
added 2014/01/28 11:52 p.m.50 views

Sandbox Escape: Linux 3.4+: arbitrary write with CONFIG_X86_X32

asmlinkage long compatsysrecvmmsgint fd, struct compatmmsghdr user mmsg, unsigned int vlen, unsigned int flags, struct compattimespec user timeout int datagrams; struct timespec ktspec; if flags & MSGCMSGCOMPAT return -EINVAL; if COMPATUSE64BITTIME return sysrecvmmsgfd, struct mmsghdr user mmsg,...

6.9CVSS0.2AI score0.34649EPSS
Exploits16
Exploit DB
Exploit DB
added 2014/01/24 12:0 a.m.23 views

MW6 Technologies MaxiCode - ActiveX 'Data' Buffer Overflow (PoC)

!-- =========================================================================== Problem: The Data parameter is subject to a buffer overflow DEFINITELY leading to arbitrary code execution. COM Object - 2355C601-37D1-42B4-BEB1-03C773298DC8 MW6MaxiCode Class File Description : MaxiCode ActiveX File...

7.4AI score
Exploits0
0day.today
0day.today
added 2013/05/21 12:0 a.m.37 views

win32k!EPATHOBJ::pprFlattenRec Uninitialized Next Pointer Testcase

Exploit for windows platform in category dos / poc I'm quite proud of this list cycle trick, here's how to turn it into an arbitrary write. First, we create a watchdog thread that will patch the list atomically when we're ready. This is needed because we can't exploit the bug while HeavyAllocPool...

7AI score
Exploits0
exploitpack
exploitpack
added 2013/05/21 12:0 a.m.32 views

Microsoft Windows - Win32k!EPATHOBJ::pprFlattenRec Uninitialized Next Pointer Testcase

Microsoft Windows - Win32k!EPATHOBJ::pprFlattenRec Uninitialized Next Pointer Testcase I'm quite proud of this list cycle trick, here's how to turn it into an arbitrary write. First, we create a watchdog thread that will patch the list atomically when we're ready. This is needed because we can't...

7.4AI score
Exploits0
Saint
Saint
added 2012/01/26 12:0 a.m.43 views

HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution

Added: 01/26/2012 CVE: CVE-2011-4786 BID: 51396 OSVDB: 78306 Background HP Easy Printer Care Software is a tool to control and monitor up to 20 HP printers. Problem HP Easy Printer Care Software 2.5 and prior versions are vulnerable to remote code execution. The CacheDocumentXMLWithId method from...

9.3CVSS7.1AI score0.40986EPSS
Exploits9
Saint
Saint
added 2012/01/26 12:0 a.m.39 views

HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution

Added: 01/26/2012 CVE: CVE-2011-4786 BID: 51396 OSVDB: 78306 Background HP Easy Printer Care Software is a tool to control and monitor up to 20 HP printers. Problem HP Easy Printer Care Software 2.5 and prior versions are vulnerable to remote code execution. The CacheDocumentXMLWithId method from...

9.3CVSS7.1AI score0.40986EPSS
Exploits9
Saint
Saint
added 2012/01/26 12:0 a.m.36 views

HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution

Added: 01/26/2012 CVE: CVE-2011-4786 BID: 51396 OSVDB: 78306 Background HP Easy Printer Care Software is a tool to control and monitor up to 20 HP printers. Problem HP Easy Printer Care Software 2.5 and prior versions are vulnerable to remote code execution. The CacheDocumentXMLWithId method from...

9.3CVSS7.1AI score0.40986EPSS
Exploits9
Saint
Saint
added 2012/01/26 12:0 a.m.34 views

HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution

Added: 01/26/2012 CVE: CVE-2011-4786 BID: 51396 OSVDB: 78306 Background HP Easy Printer Care Software is a tool to control and monitor up to 20 HP printers. Problem HP Easy Printer Care Software 2.5 and prior versions are vulnerable to remote code execution. The CacheDocumentXMLWithId method from...

9.3CVSS7.1AI score0.40986EPSS
Exploits9
Zero Day Initiative
Zero Day Initiative
added 2012/01/12 12:0 a.m.36 views

HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Easy Printer Care. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

9CVSS5.9AI score0.40986EPSS
Exploits9References1
0day.today
0day.today
added 2010/12/01 12:0 a.m.76 views

Pandora FMS <= 3.1 Mullti Vulnerability

Exploit for php platform in category web applications ======================================= Pandora FMS = 3.1 Mullti Vulnerability ======================================= Path Traversal: PHP File Inclusion or RFI/LFI: Remote/Local file inclusion - CVE-2010-4281 -CVE-2010-4282 - CVSS 8.5/10...

7.1AI score0.65618EPSS
Exploits26
0day.today
0day.today
added 2010/10/30 12:0 a.m.77 views

Linux Kernel VIDIOCSMICROCODE IOCTL Local Memory Overwrite

Exploit for linux platform in category dos / poc ========================================================== Linux Kernel VIDIOCSMICROCODE IOCTL Local Memory Overwrite ========================================================== / CVE-2010-2963 Arbitrary write memory write via v4l1 compat ioctl. Kee...

7AI score0.00816EPSS
Exploits6
seebug.org
seebug.org
added 2010/10/29 12:0 a.m.63 views

Linux Kernel VIDIOCSMICROCODE IOCTL Local Memory Overwrite Vulnerability

No description provided by source. Source: http://www.securityfocus.com/bid/44242/info / CVE-2010-2963 Arbitrary write memory write via v4l1 compat ioctl. Kees Cook [email protected] greets to drosenberg, spender, taviso / define GNUSOURCE include stdio.h include unistd.h include stdlib.h include...

6.2CVSS8AI score0.00816EPSS
Exploits6
securityvulns
securityvulns
added 2009/08/19 12:0 a.m.68 views

CORE-2009-0727: Libpurple msn_slplink_process_msg&#40;&#41; Arbitrary Write Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Libpurple msnslplinkprocessmsg Arbitrary Write Vulnerability 1. Advisory Information Title: Libpurple msnslplinkprocessmsg Arbitrary Write Vulnerability Advisory ID:...

10CVSS7.9AI score0.20295EPSS
Exploits9
Core Security
Core Security
added 2009/08/18 12:0 a.m.61 views

Libpurple msn_slplink_process_msg() Arbitrary Write Vulnerability

Advisory ID Internal CORE-2009-0727 1. Advisory Information Title: Libpurple msnslplinkprocessmsg Arbitrary Write Vulnerability Advisory ID: CORE-2009-0727 Date published: 2009-08-18 Date of last update: 2009-08-18 Vendors contacted: Pidgin team Release mode: Coordinated release 2. Vulnerability...

10CVSS8AI score0.20295EPSS
Exploits8
Metasploit
Metasploit
added 2006/01/16 2:59 a.m.51 views

MS04-045 Microsoft WINS Service Memory Overwrite

This module exploits an arbitrary memory write flaw in the WINS service. This exploit has been tested against Windows 2000 only. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MS04-045 Microso...

10CVSS7.4AI score0.81699EPSS
Exploits8
Packet Storm
Packet Storm
added 2005/04/17 12:0 a.m.16 views

maxthon_arbitrary_read-write.html.txt

var iVuln=null; function checkVuln try if external.readFilemaxsecurityid,"m2bookmark","plugin.ini"!=null pls.innerText='Done!'; alert"Vulnerable!"; showFileContent; window.clearIntervaliVuln; else window.status=''; // Refresh the "max.src" script by setting the source file as the same file...

7.4AI score
Exploits0
Rows per page
Query Builder