NetSupport Manager Agent Remote Buffer Overflow

This module exploits a buffer overflow in NetSupport Manager Agent. It uses a similar ROP to the proftpdiac exploit in order to avoid non executable stack. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

NetSupport Manager Agent - Remote Buffer Overflow (Metasploit) (2)

$Id: netsupportmanageragent.rb 11868 2011-03-03 01:04:47Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

CVE-2011-0452

Untrusted search path vulnerability in the script function in Lunascape before 6.4.3 allows local users to gain privileges via a Trojan horse executable file in the current working directory...

Design/Logic Flaw

Untrusted search path vulnerability in the script function in Lunascape before 6.4.3 allows local users to gain privileges via a Trojan horse executable file in the current working directory...

CVE-2011-0452

Untrusted search path vulnerability in the script function in Lunascape before 6.4.3 allows local users to gain privileges via a Trojan horse executable file in the current working directory...

ZDI-11-092: (0day) Cisco Secure Desktop CSDWebInstaller ActiveX Control Cleaner.cab Remote Code Execution Vulnerability

ZDI-11-092: 0day Cisco Secure Desktop CSDWebInstaller ActiveX Control Cleaner.cab Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-092 February 23, 2011 -- CVE ID: CVE-2011-0925 -- CVSS: 8.3, AV:N/AC:M/Au:N/C:P/I:P/A:C -- Affected Vendors: Cisco -- Affected...

Lunascape may insecurely load executable files

Overview Lunascape may use unsafe methods for determining how to load executables .exe. Lunascape is a web browser. Lunascape loads certain executables when using the "script" function. Lunascape contain an issue with the file search path, which may insecurely load executables. Makoto Shiotsuki...

JVN#38362957: Lunascape may insecurely load executable files

Lunascape is a web browser. Lunascape loads certain executables when using the "script" function. Lunascape contain an issue with the file search path, which may insecurely load executables. Impact An attacker may execute arbitrary code with the privilege of the running application. Solution Upda...

OllyDbg 2.01 Alpha 2 Tool New Version Download !

"OllyDbg is a 32-bit assembler level analysing debugger for Microsoft® Windows®. Emphasis on binary code analysis makes it particularly useful in cases where source is unavailable." Version 2.01 alpha 2 is an intermediate functional release with many new useful features. The most important novelt...

Microsoft SQL Server - Payload Execution (via SQL Injection) (Metasploit)

$Id: mssqlpayloadsqli.rb 11730 2011-02-08 23:31:44Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Opera may insecurely load executable files

Overview Opera may use unsafe methods for determining how to load executables .exe. Opera loads certain executables .exe when opening the folder where downloaded contents are stored. Opera contains an issue with the file search path, which may insecurely load executables. Makoto Shiotsuki reporte...

JVN#33880169: Opera may insecurely load executable files

Opera loads certain executables .exe when opening the folder where downloaded contents are stored. Opera contains an issue with the file search path, which may insecurely load executables. Impact An attacker may execute arbitrary code with the privilege of running the application. Solution Update...

CVE-2011-0450

The downloads manager in Opera before 11.01 on Windows does not properly determine the pathname of the filesystem-viewing application, which allows user-assisted remote attackers to execute arbitrary code via a crafted web site that hosts an executable file...

Code injection

The downloads manager in Opera before 11.01 on Windows does not properly determine the pathname of the filesystem-viewing application, which allows user-assisted remote attackers to execute arbitrary code via a crafted web site that hosts an executable file...

Unrestricted file upload

Unrestricted file upload vulnerability in the EasyEdit module in Lomtec ActiveWeb Professional 3.0 allows remote attackers to execute arbitrary code by uploading an executable file via the UploadDirectory and Accepted Extensions fields in the getImagefile component of EasyEdit.cfm...

The wrong executable may be used to display a downloaded file in its folder – Opera Security Advisories

The wrong executable may be used to display a downloaded file in its folder – Opera Security Advisories OPCOM Team | January 28, 2011 Severity Low Affected versions This issue affects Opera for Microsoft Windows. Description Opera’s downloads manager allows users to select a file, and open the...

The wrong executable may be used to display a downloaded file in its folder

Opera's downloads manager allows users to select a file, and open the folder containing that file. This file will be opened using the operating system's file system viewer. In some cases, Opera will use the wrong executable when trying to show the folder view, and that executable may execute code...

Opera < 11.01 Multiple Vulnerabilities

The version of Opera installed on the remote Windows host is earlier than 11.01. Such versions are potentially affected by the following issues : - The Cascading Style Sheets CSS Extensions for XML implementation recognizes links to javascript: URLs in the -o-link property, which could be abused ...

Opera < 11.01 Multiple Vulnerabilities

Binary data 5747.prm...

Unrestricted file upload

Unrestricted file upload vulnerability in modules/gallery/models/item.php in Menalto Gallery before 3.0 and beta allows remote authenticated users with upload permissions to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file...