1643 matches found
Adobe Reader CFF Heap-Based Overflow (APSB10-09; CVE-2010-1241)
Portable Document Format (PDF) is an open file format created by Adobe Systems. A heap-based overflow vulnerability has been reported in Adobe Reader. The vulnerability is due to the way Adobe Reader and Acrobat parse a malformed PDF file. A remote attacker could trigger this issue via a specially...
KenWard's Zipper v1.400 Buffer Overflow - Method 2
Exploit for windows platform in category local exploits ================================================== KenWard's Zipper v1.400 Buffer Overflow - Method 2 ================================================== !/usr/bin/python KenWard's Zipper v1.400 File Name Buffer Overflow Coded by sinn3r...
KenWards Zipper 1.400 - Local Buffer Overflow (2)
KenWards Zipper 1.400 - Local Buffer Overflow 2 !/usr/bin/python KenWard's Zipper v1.400 File Name Buffer Overflow Coded by sinn3r x90.sinneratgmaild0tcom Tested on: Windows XP SP3 ENG Reference: http://www.exploit-db.com/exploits/11834 Big thanks to mrme, and corelanc0d3r. greetz to all the...
UltraISO CCD File Parsing Buffer Overflow
This module exploits a stack-based buffer overflow in EZB Systems, Inc's UltraISO. When processing .CCD files, data is read from file into a fixed-size stack buffer. Since no bounds checking is done, a buffer overflow can occur. Attackers can execute arbitrary code by convincing their victim to...
VariCAD 2010-2.05 EN (DWB File) Stack Buffer Overflow
This module exploits a stack-based buffer overflow in VariCAD 2010-2.05 EN. An attacker must send the file to victim and the victim must open the file. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...
UPX Compressed PE Executable Files (CVE-2005-2920)
ClamAV AntiVirus is an open source product that provides anti-virus scanning utilities and an anti-virus library. The product is capable of decoding several archive formats in order to scan their internal items for viruses. One of such archive formats is the UPX Ultimate Packer for eXecutables fi...
Format string
Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Microsoft Office Excel DbOrParamQry Record Parsing...
Remote code execution
Microsoft Office Excel 2007 SP1 and SP2; Office 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and SP2; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; and Office SharePoint Server 2007 SP1 and SP2 do not validate ZIP headers...
Microsoft Excel Sheet Object Type Confusion (MS10-017; CVE-2010-0258)
Microsoft Excel is a popular spreadsheet application. A remote code execution vulnerability has been identified in Microsoft Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly parse the Excel spreadsheet file format. A remote attacker could trigger this...
Microsoft Excel XLSX File Parsing Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing victims to open a specially crafted 'XLXS' Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
LibTIFF TIFFFetchData Function Integer Overflow (CVE-2006-2025)
Tagged Image File Format, TIFF, is a file format used primarily for storing digital images, including photographs and line art. TIFF is a popular format for high colour depth images, along with JPEG and PNG. It is widely supported by applications that handle images, such as browsers and also imag...
Microsoft Excel File Named Graph Record Parsing Stack Overflow (MS07-023; CVE-2007-0215)
Microsoft Excel is a popular spreadsheet application that is usually released as part of the Microsoft Office suite. The application can create complex spreadsheets with multiple workbooks, formulae, and various data sources. The proprietary file format used for storing Microsoft Excel documents ...
JRE JPEG JFIF Decoder issue (6862969)
Unspecified vulnerability in the JPEG JFIF Decoder in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862969...
Audiotran 1.4.1 - .pls Local Stack Overflow (Metasploit)
Audiotran 1.4.1 - .pls Local Stack Overflow Metasploit require 'msf/core' class Metasploit3 'Audiotran 1.4.1 PLS File Stack Overflow.', 'Description' = %q This module exploits a stack-based buffer overflow in Audiotran 1.4.1. An attacker must send the file to victim and the victim must open the...
PlayMeNow v7.3 and 7.4 Buffer Overflow (meta)
Exploit for unknown platform in category local exploits ============================================= PlayMeNow v7.3 and 7.4 Buffer Overflow meta ============================================= Tested on: Windows XP SP3 - English This file is part of the Metasploit Framework and may be subject to...
ProShow Gold v4.0.2549 (PSH File) Stack Buffer Overflow
$Id: proshowcellimagebof.rb 7911 2009-12-18 00:19:04Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Media Jukebox 8.0.400 - Local Buffer Overflow (SEH) (Metasploit)
Media Jukebox 8.0.400 - Local Buffer Overflow SEH Metasploit $Id: mediajukebox.rb 11516 2011-01-08 01:13:26Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on...
Millenium MP3 Studio 2.0 (PLS File) Stack Overflow.
require 'msf/core' class Metasploit3 'Millenium MP3 Studio 2.0 PLS File Stack Overflow.', 'Description' = %q This module exploits a stack-based buffer overflow in the Millenium MP3 Studio 2.0. An attacker must send the file to victim and the victim must open the file. Alternatively it may be...
Millenium MP3 Studio 2.0 - '.pls' Universal Stack Overflow (Metasploit)
require 'msf/core' class Metasploit3 'Millenium MP3 Studio 2.0 PLS File Stack Overflow.', 'Description' = %q This module exploits a stack-based buffer overflow in the Millenium MP3 Studio 2.0. An attacker must send the file to victim and the victim must open the file. Alternatively it may be...
Audio Workstation 6.4.2.4.3 pls Buffer Overflow
require 'msf/core' class Metasploit3 'Audio Workstation 6.4.2.4.3 pls Buffer Overflow', 'Description' = %q This module exploits a buffer overflow in Audio Workstation 6.4.2.4.3. When opening a malicious pls file with the Audio Workstation, a remote attacker could overflow a...