1010 matches found
CVE-2013-1980
Buffer overflow in the getdsmp function in loaders/masiload.c in libxmp before 4.1.0 allows remote attackers to execute arbitrary code via a crafted MASI file...
CVE-2013-2031
MediaWiki before 1.19.6 and 1.20.x before 1.20.5 allows remote attackers to conduct cross-site scripting XSS attacks, as demonstrated by a CDATA section containing valid UTF-7 encoded sequences in a SVG file, which is then incorrectly interpreted as UTF-8 by Chrome and Firefox...
GOMPlayer 2.2.53.5169 (.wav) - Crash POC
Exploit for windows platform in category dos / poc Exploit Title: GOMPlayer Version 2.2.53.5169 .wav - Crash POC Date: 03-09-2013 Exploit Author: ariarat Software Link: http://download.cnet.com/GOM-Media-Player/3000-136324-10551786.html?part=dl-GOMMediaP&subj=dl&tag=button Version: 2.2.53.5169...
Photodex ProShow Producer 5.0.3297 - '.pxs' Memory Corruption
!/usr/bin/python Exploit Title: Photodex ProShow Producer v5.0.3297 .pxs Memory Corruption Vulnerability Version: = 5.0.3297 Date: 2013-02-14 Author: Julien Ahrens @MrTuxracer Homepage: http://www.inshell.net Software Link: http://www.photodex.com Tested on: Windows XP SP3 Professional German...
Photodex ProShow Producer 5.0.3297 - .pxs Memory Corruption
Photodex ProShow Producer 5.0.3297 - .pxs Memory Corruption !/usr/bin/python Exploit Title: Photodex ProShow Producer v5.0.3297 .pxs Memory Corruption Vulnerability Version: = 5.0.3297 Date: 2013-02-14 Author: Julien Ahrens @MrTuxracer Homepage: http://www.inshell.net Software Link:...
DEBIAN-CVE-2012-2241
scripts/dget.pl in devscripts before 2.12.3 allows remote attackers to delete arbitrary files via a crafted 1 .dsc or 2 .changes file, probably related to a NULL byte in a filename...
CVE-2011-3951
The dpcmdecodeframe function in dpcm.c in libavcodec in FFmpeg before 0.10 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted stere...
CVE-2012-3437
The Magickpngmalloc function in coders/png.c in ImageMagick 6.7.8 and earlier does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service crash via a crafted PNG file that triggers incorrect memory allocation...
Orbis CMS 1.0.2 Upload File Exploit
Exploit for php platform in category web applications +-----------------------------------------+ Exploit Title: Orbis CMS 1.0.2 Upload File Exploit Author: Dr.KroOoZ Software : http://www.novo-ws.com/orbis-cms/orbis-1.0.2.zip Tested on: Linux - Windows Dork : "Powered by Orbis CMS" Video :...
CVE-2012-1419
The TAR file parser in ClamAV 0.96.4 and Quick Heal aka Cat QuickHeal 11.00 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial aliases character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the...
VLC v. 2.0.1.0 .pmp Memory Corruption
Exploit for windows platform in category local exploits Exploit Title: VLC v. 2.0.1.0 .pmp Memory Corruption Date: 3/15/2012 Author: Dan Fosco Vendor or Software Link: www.videolan.org Version: 2.0.1.0 Category: local Google dork: n/a Tested on: Windows XP SP3 64-bit Demo site: n/a Tested on stab...
KLA10046 ACE vulnerability in ACDSee PRO
A memory corruption vulnerability was found in the ACDSee Pro. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited at a point related to IDEACDStd.apl. via a specially designed .gif file. Original advisories report Related products...
Duqu Attackers Using Word Docs As Attack Vector
As the analysis of the Duqu malware continues to evolve, the picture that’s emerging is becoming more and more intriguing. The latest bits of evidence uncovered show that not only do the attackers create custom files for each individual attack, there is evidence indicating that they might have be...
CVE-2011-2713
oowriter in OpenOffice.org 3.3.0 and LibreOffice before 3.4.3 allows user-assisted remote attackers to cause a denial of service crash via a crafted DOC file that triggers an out-of-bounds read in the DOC sprm parser...
DynMedia Pro Web CMS 4.0 Local File Disclosure
Exploit for php platform in category web applications |||!===========================================================================! DynMedia Pro Web CMS 4.0 ||Local File Disclosure Exploit| | Author : MbahSemar email protected Homepage : http://www.indonesianhacker.or.id | http://suramcrew.org...
CVE-2011-1167
Heap-based buffer overflow in the thunder aka ThunderScan decoder in tifthunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER2BITDELTAS data in a .tiff file that has an unexpected BitsPerSample value...
CVE-2011-0531
demux/mkv/mkv.hpp in the MKV demuxer plugin in VideoLAN VLC media player 1.1.6.1 and earlier allows remote attackers to cause a denial of service crash and execute arbitrary commands via a crafted MKV WebM or Matroska file that triggers memory corruption, related to "class mismatching" and the...
Caedo HTTPd Server 0.5.1 ALPHA - Arbitrary File Download
Caedo HTTPd Server 0.5.1 ALPHA - Arbitrary File Download !/usr/bin/perl use LWP::Simple; Caedo HTTPd Server v 0.5.1 ALPHA Remote File Download Exploit Author : Zer0 Thunder if @ARGV $file"; print FILE $result; close FILE; print " File Saved : $file \n\n"; print...
Virtuosa Phoenix Edition 5.2 ASX SEH BOF
Exploit for windows platform in category local exploits !/usr/bin/python Exploit Title: Virtuosa Phoenix Edition 5.2 ASX BOF SEH Overwrite Date found: Aug 16th 2010 Author: Acidgen Software Link: http://download1.virtuosa.com/VirtuosaTrial.exe Version: 5.2 Tested on: Windows XP SP2 Virtuosa - Fil...
Hanso Player 1.4.0 Denial Of Service
=================================================== Hanso Player Version 1.4.0 .m3u Denial of Service Vulnerability =================================================== .....................X-SHADOW ; ThBa7 ; KloofQ8 ; LeGEnD ; abada ... .......................................Fuck ALL lamers...