3153 matches found
Audiotran 1.4.2.4 - Local Overflow (SEH) (DEP Bypass)
Exploit Title: Audiotran 1.4.2.4 SEH Overflow Exploit DEP Bypass Date: 09/20/10 Credit/Bug found by : Author Abhishek Lyall - abhilyallatgmaildotcom, infoataslitsecuritydotcom Author: Muhamad Fadzil Ramli - mind1355 at gmail dot com Software Link: http://www.e-soft.co.uk/Audiotran.htm Version:...
SnackAmp 3.1.2 SMP Buffer Overflow
Exploit Title: SnackAmp 3.1.2 Malicious SMP Buffer Overflow Vulnerability SEH Date: 08/28/10 Author: james AT learnsecurityonline DOT com Software Link: http://sourceforge.net/projects/snackamp/ Version: 3.1.2 Tested on: Windows XP SP3 EN CVE: N/A Shoutz to MC, Thanks bro! ! /usr/bin/env ruby nSE...
A-PDF WAV to MP3 1.0.0 - Universal Local (SEH)
A-PDF WAV to MP3 1.0.0 - Universal Local SEH !/usr/bin/env python Title: A-PDF WAV to MP3 v1.0.0 Universal Local SEH Exploit Exploit By: DrIDE Tested On: XPSP3 Date: August 18, 2010 Download: http://www.brothersoft.com/a-pdf-wav-to-mp3-converter-394393.html Reference:...
EasyFTP Server 1.7.0.11 - (Authenticated) Multiple Commands Remote Buffer Overflows
Exploit Title: Easy FTP Server v1.7.0.11 Multiple Command Buffer Overflow Date: August 12, 2010 Author: Glafkos Charalambous Software Link: http://easyftpsvr.googlecode.com/files/easyftp-server-1.7.0.11-en.zip Version: 1.7.0.11 Tested on: Windows XP SP3 En Vulnerable Commands: DELE, STOR, RNFR,...
JDK unspecified vulnerability in ImageIO component
Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Marc...
JDK unspecified vulnerability in ImageIO component
Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Marc...
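Windows Media Decompression Multiple Remote Code Execution Vulnerabilities (MS10-033)
BUGTRAQ ID: 40464,40432 CVE ID: CVE-2010-1879,CVE-2010-1880 Windows is a very popular operating system released by Microsoft. Multiple multimedia processing components in Windows do not correctly parse compressed data when handling media files; if a user opens a specially crafted media file, this may allow remote code execution. If the user is logged on with administrative rights, an attacker who successfully exploits this vulnerability can take complete control of the affected system. Microsoft DirectX 9.0 Microsoft Media Format Runtime 9.5 x64 Microsoft Media Format Runtime 9.5 Microsoft...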
time(2)-based Context Keyed Payload Encoder
This is a Context-Keyed Payload Encoder based on time2 and Shikata Ga Nai. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/poly' class MetasploitModule 'time2-based Context Keyed Payload Encoder',...
CPUID-based Context Keyed Payload Encoder
This is a Context-Keyed Payload Encoder based on CPUID and Shikata Ga Nai. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/poly' class MetasploitModule 'CPUID-based Context Keyed Payload Encoder',...
stat(2)-based Context Keyed Payload Encoder
This is a Context-Keyed Payload Encoder based on stat2 and Shikata Ga Nai. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/poly' class MetasploitModule 'stat2-based Context Keyed Payload Encoder',...
Microsoft Media Decompression Remote Code Execution Vulnerability (979902)
This host is missing a critical security update according to Microsoft Bulletin MS10-033. OpenVAS Vulnerability Test $Id: secpodms10-033.nasl 5934 2017-04-11 12:28:28Z antu123 $ Microsoft Media Decompression Remote Code Execution Vulnerability 979902 Authors: Veerendra GG Updated By: Madhuri D on...
CVE-2010-1879
Unspecified vulnerability in Quartz.dll for DirectShow; Windows Media Format Runtime 9, 9.5, and 11; Media Encoder 9; and the Asycfilt.dll COM component allows remote attackers to execute arbitrary code via a media file with crafted compression data, aka "Media Decompression Vulnerability."...
CVE-2010-1879
Unspecified vulnerability in Quartz.dll for DirectShow; Windows Media Format Runtime 9, 9.5, and 11; Media Encoder 9; and the Asycfilt.dll COM component allows remote attackers to execute arbitrary code via a media file with crafted compression data, aka "Media Decompression Vulnerability."...
Microsoft Windows Media Decompression (CVE-2010-1879) Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability when handling compressed media files. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious file. A successful exploit may allow arbitrary code to run in the context of the currently...
Mandriva Update for k3b MDVA-2010:150 (k3b)
Check for the Version of k3b OpenVAS Vulnerability Test Mandriva Update for k3b MDVA-2010:150 k3b Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
Microsoft Windows Media Encoder 9 - 'wmex.dll' ActiveX Buffer Overflow (MS08-053) (Metasploit)
$Id: ms08053mediaencoder.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
VulnCheck KEV: CVE-2008-3008
Stack-based buffer overflow in the WMEncProfileManager ActiveX control in wmex.dll in Microsoft Windows Media Encoder 9 Series allows remote attackers to execute arbitrary code via a long first argument to the GetDetailsString method, aka "Windows Media Encoder Buffer Overrun Vulnerability."...
JDK unspecified vulnerability in ImageIO component
Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Marc...
IDEAL Administration 2010 10.2 - Local Buffer Overflow
!/usr/bin/env python IDEAL Administration 2010 v10.2 Local Buffer Overflow Exploit Found By: DrIDE Usage: Migrate - Open Migration Project - Bind Shell Download: www.pointdev.com Tested On: Windows XPSP3 windows/shellbindtcp - 696 bytes Encoder: x86/alphamixed EXITFUNC=seh, LPORT=4444 sc =...
Only strings are encoded
The XML encoder only encodes strings. This could make Confluence return non-encoded content. This issue is rated HIGH. Please see http://confluence.atlassian.com/x/ZILmD for more security-related issues and more information on how we rate issues...