8296 matches found
Webster HTTP Server GET Buffer Overflow
No description provided by source. $Id: websterhttp.rb 10887 2010-11-03 12:19:19Z patrickw $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...
Firebird Relational Database isc_create_database() Buffer Overflow
No description provided by source. $Id: fbisccreatedatabase.rb 9669 2010-07-03 03:13:45Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms...
Winamp 5.572 - whatsnew.txt Local Buffer Overflow Exploit WinXP SP3 De
No description provided by source. Tested on: WinXP SP3 De !/usr/bin/perl Still learning, having some fun... Greetz to -Sid- Roadkill Jess Dawn Linki Special greetz do Debug, even i dont know you. Nice find man. Exploit has something around 70% chance of success. print \n\n; print Winamp 5.572...
InfoSoft FusionCharts 3 SWF Flash File Remote Code Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27109/info InfoSoft FusionCharts is prone to a remote code-execution vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute malicious script cod...
Java - Debug Wire Protocol Remote Code Execution (Metasploit)
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = GoodRanking include Msf::Exploit::Remote::Tcp include Msf::Exploit::EXE include Msf::Exploit::FileDropper...
Java Debug Wire Protocol Remote Code Execution Exploit
This Metasploit module abuses exposed Java Debug Wire Protocol services in order to execute arbitrary Java code remotely. It just abuses the protocol features, since no authentication is required if the service is enabled. This module requires Metasploit: http//metasploit.com/download Current...
Java Debug Wire Protocol Remote Code Execution
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = GoodRanking include Msf::Exploit::Remote::Tcp include Msf::Exploit::EXE include Msf::Exploit::FileDropper...
winxp, the win2003, win7, win8 General the shellcode-exploit warning-the black bar safety net
This code in vc6 to compile, extract the shellcode when the debug mode, open the memory window, copy the binary code into the shellcode can be Code changes to the original address: http://hi.baidu.com/egodcore/item/c13e67fe197c940fc6dc45f5 int main asm nop; nop; nop; nop; nop; nop; nop; push ebp;...
openSUSE Security Update : mysql-cluster (openSUSE-SU-2012:0617-1)
MySQL Cluster 7.1.21 fixes several security issues and bugs. Please refer to the following upstream announcement for details : http://dev.mysql.com/doc/refman/5.1/en/mysql-cluster-news-7-1.html %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...
openSUSE Security Update : ruby19 (openSUSE-SU-2013:0376-1)
ruby19 was updated to fix various bugs and security issues: Update to 1.9.3 p385 bnc802406 - XSS exploit of RDoc documentation generated by rdoc CVE-2013-0256 - for other changes see /usr/share/doc/packages/ruby19/Changelog Update to 1.9.3 p327 bnc789983 - CVE-2012-5371 and plenty of other fixes...
Java Debug Wire Protocol Remote Code Execution
This module abuses exposed Java Debug Wire Protocol services in order to execute arbitrary Java code remotely. It just abuses the protocol features, since no authentication is required if the service is enabled. This module requires Metasploit: https://metasploit.com/download Current source:...
NS_ASG 6.3 /debug/show_logfile.php 任意文件下载漏洞
No description provided by source...
MS KB2927432: Visual Studio Update 2 for Debug Interface Access SDK
The version of the Microsoft Debug Interface Access Library on the remote host is affected by a memory corruption vulnerability related to parsing PDB files. An attacker could exploit this issue by tricking a user into loading a malicious file. This could allow an attacker to execute arbitrary co...
Memory corruption
msdia.dll in Microsoft Debug Interface Access DIA SDK, as distributed in Microsoft Visual Studio before 2013, does not properly validate an unspecified variable before use in calculating a dynamic-call address, which allows remote attackers to execute arbitrary code or cause a denial of service...
CVE-2014-3802
msdia.dll in Microsoft Debug Interface Access DIA SDK, as distributed in Microsoft Visual Studio before 2013, does not properly validate an unspecified variable before use in calculating a dynamic-call address, which allows remote attackers to execute arbitrary code or cause a denial of service...
CVE-2014-3802
The CVE-2014-3802 issue affects msdia.dll (Microsoft Debug Interface Access Library) in Visual Studio prior to 2013. The root cause is a failure to validate an unspecified variable when calculating a dynamic-call address while parsing PDB files, leading to memory corruption. Impact per sources: r...
CVE-2014-1909
Integer signedness error in system/core/adb/adbclient.c in Android Debug Bridge ADB for Android 4.4 in the Android SDK Platform Tools 18.0.1 allows ADB servers to execute arbitrary code via a negative length value, which bypasses a signed comparison and triggers a stack-based buffer overflow...
CVE-2014-1909
Integer signedness error in system/core/adb/adbclient.c in Android Debug Bridge ADB for Android 4.4 in the Android SDK Platform Tools 18.0.1 allows ADB servers to execute arbitrary code via a negative length value, which bypasses a signed comparison and triggers a stack-based buffer overflow...
DEBIAN-CVE-2014-1909
Integer signedness error in system/core/adb/adbclient.c in Android Debug Bridge ADB for Android 4.4 in the Android SDK Platform Tools 18.0.1 allows ADB servers to execute arbitrary code via a negative length value, which bypasses a signed comparison and triggers a stack-based buffer overflow...
CVE-2014-1909
Integer signedness error in system/core/adb/adbclient.c in Android Debug Bridge ADB for Android 4.4 in the Android SDK Platform Tools 18.0.1 allows ADB servers to execute arbitrary code via a negative length value, which bypasses a signed comparison and triggers a stack-based buffer overflow...