Muse Music All-in-One 1.5.0.001 - .pls Local Buffer Overflow (DEP Bypass)

Muse Music All-in-One 1.5.0.001 - .pls Local Buffer Overflow DEP Bypass !/usr/bin/perl +Exploit Title: Muse Music All-In-One PLS File Buffer Overflow ExploitDEP Bypass +Date: 25\09\2011DD\MM\YYYY +Author: C4SS!0 G0M3S +Software Link:...

GTA SA-MP server.cfg Local Buffer Overflow Vulnerability

Exploit for windows platform in category local exploits GTA SA-MP server.cfg Local Buffer Overflow Vulnerability 0day Date: 9-26-11 Author: SilentDream Software Link: http://team.sa-mp.com/files/samp03csvrR2-2win32.zip Tested on: XP SP3, Windows 7 Thanks to: corelanc0d3r & team, Metasploit,...

CVE-2011-3502

The web server in Cogent DataHub 7.1.1.63 and earlier allows remote attackers to obtain the source code of executable files via a request with a trailing 1 space or 2 %2e encoded dot...

Design/Logic Flaw

The web server in Cogent DataHub 7.1.1.63 and earlier allows remote attackers to obtain the source code of executable files via a request with a trailing 1 space or 2 %2e encoded dot...

Fedora Update for mongoose FEDORA-2011-11823

Check for the Version of mongoose OpenVAS Vulnerability Test Fedora Update for mongoose FEDORA-2011-11823 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

HP Client Automation radexecd.exe Remote Command Execution

The HP Client Automation service on the remote port is affected by a command execution vulnerability. The vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Client Automation. Authentication is not required to exploit the vulnerability. The flaw exis...

[SECURITY] Fedora 14 Update: mongoose-3.0-2.fc14

Mongoose web server executable is self-sufficient, it does not depend on anything to start serving requests. If it is copied to any directory and executed, it starts to serve that directory on port 8080 so to access file s, go to http://localhost:8080. If some additional configuration is required...

VulnCheck KEV: CVE-2007-4105

A certain ActiveX control in BaiduBar.dll in Baidu Soba Search Bar 5.4 allows remote attackers to execute arbitrary code via a request containing "a link to download and a file to execute," possibly involving remote file inclusion...

Windows URL Protocol Handler may insecurely load executable files

Overview Windows URL Protocol Handler may use unsafe methods for determining how to load executable .exe files. Windows URL Protocol Handler loads a specified executable for each protocol. Windows URL Protocol Handler contains an issue with the file search path, which may insecurely load executab...

Mandriva Update for freetype2 MDVSA-2011:120 (freetype2)

Check for the Version of freetype2 OpenVAS Vulnerability Test Mandriva Update for freetype2 MDVSA-2011:120 freetype2 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify i...

VLC Media Player '.RM' File BOF Vulnerability - Linux

VLC Media Player is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

VLC Media Player '.AVI' File BOF Vulnerability (Windows)

The host is installed with VLC Media Player and is prone to buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: secpodvlcmediaplayeravibofvulnwin.nasl 8174 2017-12-19 12:23:25Z cfischer $ VLC Media Player '.AVI' File BOF Vulnerability Windows Authors: Madhuri D Copyright: Copyright c...

XnView File Search Path Executable File Injection Vulnerability - Windows

XnView is prone to an executable file injection vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

XnView File Search Path Executable File Injection Vulnerability (Windows)

This host has XnView installed and is prone to executable file injection vulnerability. Vulnerabilities Insight: The flaw is caused by an untrusted search path vulnerability when loading executables. OpenVAS Vulnerabilities Test $Id: gbxnviewcodeexecvulnwin.nasl 7052 2017-09-04 11:50:51Z teissa $...

Amoy Royal Taobao guest security vulnerabilities and fixes-vulnerability warning-the black bar safety net

Official website: http://www.taodisoft.com 1, demo Station background turned out to have a place to upload pictures, does not prohibit the upload. 2, the upload image simple filtration, easy to break, Upload a php file, and can be executed. 3, the servervpsconfiguration severe lower, get a webshe...

Code injection

The Cisco VPN Client 5.0.7.0240 and 5.0.7.0290 on 64-bit Windows platforms uses weak permissions NT AUTHORITY\INTERACTIVE:F for cvpnd.exe, which allows local users to gain privileges by replacing this executable file with an arbitrary program, aka Bug ID CSCtn50645. NOTE: this vulnerability exist...

XnView < 1.98.1 Insecure Executable Loading

The version of XnView installed on the remote Windows host is earlier than 1.98.1. As such, it reportedly uses unsafe methods for determining how to load executables. Specifically, there is an issue with the file search path, which could result in the insecure loading of executables when using th...

Cisco VPN client weak permissons

Weak installation permissions allow unprivileged user to overwrite executable...

Cybozu Garoon Cross Site Scripting Vulnerability

This host is running Cybozu Garoon and is prone to cross site scripting vulnerability. OpenVAS Vulnerability Test $Id: secpodcybozugaroonxssvuln.nasl 7052 2017-09-04 11:50:51Z teissa $ Cybozu Garoon Cross Site Scripting Vulnerability Authors: Sooraj KS Copyright: Copyright c 2011 SecPod,...

MS Office 2010 RTF Header Stack Overflow Vulnerability Exploity Exploit

Exploit for windows platform in category local exploits Exploit Title: MS Office 2010 RTF Header Stack Overflow Vulnerability Exploit Date: 7/3/2011 Author: Snake Shahriyar.j gmail Version: MS Office unfortunately msgr3en.dll loads a few seconds after opining office, so just need to open open...