1643 matches found
CVE-2012-1888
Buffer overflow in Microsoft Visio 2010 SP1 and Visio Viewer 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Visio file, aka "Visio DXF File Format Buffer Overflow Vulnerability."...
CVE-2012-2524
Microsoft Office 2007 SP2 and SP3 and 2010 SP1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Computer Graphics Metafile (CGM) file, aka "CGM File Format Memory Corruption Vulnerability."...
globalSCAPE CuteZIP Stack Buffer Overflow
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex/zip' class Metasploit3 'globalSCAPE CuteZIP...
Microsoft Visio Viewer VSD File Format CVE-2012-1888 Remote Code Execution Vulnerability
Description Microsoft Visio Viewer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected...
WespaJuris <= 3.0 multiple vulnerabilities and fixes - vulnerability warning - the black bar safety net
? php / Title spaJuris = 3.0 auto exploit Author: WhiteCollarGroup Website: http://www.wespadigital.com.br/ Download address http://www.wespadigital.com.br/download/wespajurisv302012.rar Affected version: 3.0 Tested platforms: Apache Server WespaJuris is a software for law firms. Use this exploit...
WespaJuris 3.0 - Multiple Vulnerabilities
WespaJuris 3.0 - Multiple Vulnerabilities Then, go to http://localhost/juris/clientdir/30/dl/webshell.php and see your webshell. :: How this exploit works? Manually work. Login bypass On login form, enter "SQLi strings": Login: '...
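MPlayer subreader.c sub_read_line_sami() Function SAMI Subtitle File Handling Vulnerability
BUGTRAQ ID: 49149 MPlayer is a video player. Versions of MPlayer before svn 33471 contain a boundary error in the "sub_read_line_sami" function in subreader.c; a specially crafted SAMI subtitle file can cause a stack buffer overflow and execute arbitrary code in the application. 0 MPlayer 1.x Vendor patch: MPlayer ------- The vendor has released an upgrade patch to fix this security issue; download it from the vendor's home page: http://www.mplayerhq.hu/homepage/design6/news.html This file is part of the Metasploit Framewor...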
Scientific Linux Security Update : freetype on SL3.x, SL4.x, SL5.x i386/x86_64
Multiple flaws were discovered in FreeType's Printer Font Binary (PFB) and TrueType Font (TTF) font-file format parsers. If a user loaded a carefully crafted font-file with a program linked against FreeType, it could cause the application to crash, or possibly execute arbitrary code. CVE-2008-1806,...
CentOS Update for gstreamer-plugins CESA-2011:1264 centos4 x86_64
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CentOS Update for libtiff CESA-2012:0468 centos6
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CentOS Update for gstreamer-plugins CESA-2011:1264 centos4 x86_64
Check for the Version of gstreamer-plugins OpenVAS Vulnerability Test CentOS Update for gstreamer-plugins CESA-2011:1264 centos4 x86_64 Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute ...
GIMP 2.8.0 - .FIT File Format Denial of Service
GIMP 2.8.0 - .FIT File Format Denial of Service Summary ======= There is a file handling DoS in GIMP (the GNU Image Manipulation Program) for the 'fit' file format affecting all versions (Windows and Linux) up to and including 2.8.0. A file in the fit format with a malformed 'XTENSION' header will...
Apple QuickTime TeXML Style Element Stack Buffer Overflow
This module exploits a vulnerability found in Apple QuickTime. When handling a TeXML file, it is possible to trigger a stack-based buffer overflow, and then gain arbitrary code execution under the context of the user. This is due to the QuickTime3GPP.gtx component not handling certain Style...
Bluetooth scanner: Bluelog
Bluelog is a Linux Bluetooth scanner written to do a single task, log devices that are in discoverable mode. It is intended to be used as a site survey tool, determining how many discoverable Bluetooth devices there are in the area. It has also proven to be very well suited to Bluetooth traffic...
Microsoft Windows OpenType Font - File Format Denial of Service
OpenType font file format remote client-side DoS exploit for Windows By Oleksiuk Dmytro aka Cr4sh http://twitter.com/dolex http://blog.cr4.sh mailto:[email protected] INFO: Zero day vulnerability exists in kernel-mode library ATMFD.DLL, that using by OS for working with PostScript-based OpenType...
Microsoft Office ClickOnce Unsafe Object Package Handling Vulnerability(MS12-005)
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
CVE-2011-3625
creationtimestamp| type| source ---|---|--- 2012-05-30 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/18954 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/mplayersamibof.rb 2025-10-23 21:12:56+00:00|...
Heap spraying Adobe Illustrator
Due to the recent patched vulnerabilities in Adobe Illustrator CVE-2012-2023, CVE-2012-2024, CVE-2012-2025, and CVE-2012-2026 it becomes interesting to analyze the exploitability facts of the .ai file format. Early versions of the AI file format are true EPS files with a restricted, compact synta...
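Microsoft Visio Viewer VSD File Format Remote Code Execution Vulnerability (MS12-031)
BUGTRAQ ID: 53328 CVE ID: CVE-2012-0018 Microsoft Visio is flowcharting software that runs on the Windows operating system and is now part of the Microsoft Office suite. Microsoft Visio has a remote code execution vulnerability in how it validates certain attributes of the Visio file format; an attacker can use a specially crafted Visio file to exploit this vulnerability, corrupt memory, and execute arbitrary code with the current user's privileges. 0 Microsoft Visio Viewer 2010 SP1 Microsoft Visio Viewer 2010 0 Vendor patch: Microsoft ---------...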