lfs-overflow.txt

/ 0day Live for speed patch x s2 /s1 and demo local .mpr buffer over flow Credit's to n00b for finding bug and writing the exploit Lfs is a racing simulator with a huge player data-base with 100,000+ user's. I found a local buffer over flow where im able to execute shell code on the user's...

Live for Speed S1/S2/Demo (.ply file) Buffer Overflow Exploit

Exploit for unknown platform in category local exploits ============================================================= Live for Speed S1/S2/Demo .ply file Buffer Overflow Exploit ============================================================= / 0day Live for speed patch x s2 /s1 and demo local .ply...

Live for Speed S1S2Demo - .ply Local Buffer Overflow

Live for Speed S1S2Demo - .ply Local Buffer Overflow / 0day Live for speed patch x s2 /s1 and demo local .ply File buffer over flow Live for speed .ply file is a set up file,This file is shared amongst user's Who want stylish number plate's on there car's the buffer over flow happened with An...

Not dead shellcode-exploit warning-the black bar safety net

HEE HEE,today the computer some of the things transferred to the mobile hard disk,find yourself previously voted over the few manuscript,crude see an article but there are a few articles or a little heat,simply submit to the evil eight,hope can be a friend in need some help...rookie write the dis...

F-Secure多个杀毒产品LHA及RAR文档绕过安全扫描漏洞

F-Secure Internet Gatekeeper和F-Secure Anti-Virus都是芬兰的一家杀毒软件厂商所发布的杀毒产品。 F-Secure的这些防病病毒工具处理畸形LHA和RAR文档时存在漏洞，远程攻击者可能利用此漏洞绕过扫描检测。 如果LHA和RAR文件设置了畸形的文档文件头的话，这些文件就可能绕过F-Secure产品的杀毒扫描，导致在用户系统上执行非授权操作。 F-Secure Anti-Virus for Workstations 7.00 F-Secure Anti-Virus for Windows Servers 7.00 F-Secure...

Microsoft Visio文档封装远程代码执行漏洞（MS07-030）

Microsoft Visio是Office套件中用于绘制流程图的软件。 Microsoft Visio解析Visio文件格式中的打包对象的方式存在内存破坏漏洞，成功利用此漏洞的攻击者可能完全控制受影响的系统。 攻击者可能通过创建恶意Visio（.VSD、.VSS或.VST）文件诱使用户打开处理来利用此漏洞，如果用户访问恶意网站或打开电子邮件中包含的特制Visio附件，则这些文件可能允许远程执行指令。 Microsoft Visio 2003 Microsoft Visio 2002 临时解决方法： 不要打开或保存从不受信任来源或从受信任来源意外收到的Microsoft Visio文件。...

file: Integer overflow

Background file is a utility that guesses a file format by scanning binary data for patterns. Description Colin Percival from FreeBSD reported that the previous fix for the fileprintf buffer overflow introduced a new integer overflow. Impact A remote attacker could entice a user to run the file...

ZDI-07-026: Microsoft Excel BIFF File Format Named Graph Record Parsing Stack Overflow Vulnerability

ZDI-07-026: Microsoft Excel BIFF File Format Named Graph Record Parsing Stack Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-026.html May 8, 2007 -- CVE ID: CVE-2007-0215 -- Affected Vendor: Microsoft -- Affected Products: Office Excel 2000 Office Excel 2002 Office Exce...

Microsoft Excel BIFF File Format Named Graph Record Parsing Stack Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. Exploitation requires that the attacker coerce the target into opening a malicious .XLS file. The specific flaw exists within the parsing of the BIFF file format used by...

Microsoft Office Word 2007 Multiple Vulnerabilities

No description provided by source. Mati Aharoni muts .@. offensive-security.com http://www.offensive-security.com My 7 line python fuzzer found several file format bugs in 3 hours. Quite alarming. No deep analysis was done, I leave that to the community. These are some of the results: ...

Microsoft Word 2007 - Multiple Vulnerabilities

Microsoft Word 2007 - Multiple Vulnerabilities Mati Aharoni muts .@. offensive-security.com http://www.offensive-security.com My 7 line python fuzzer found several file format bugs in 3 hours. Quite alarming. No deep analysis was done, I leave that to the community. These are some of the results:...

Microsoft Office Word 2007 Multiple Vulnerabilities

Exploit for unknown platform in category dos / poc =================================================== Microsoft Office Word 2007 Multiple Vulnerabilities =================================================== Mati Aharoni muts email protected offensive-security.com http://www.offensive-security.com...

[Full-disclosure] Some 0day Pocs

Mati Aharoni muts .@. offensive-security.com mailto:[email protected] http://www.offensive-security.com My 7 line python fuzzer found several file format bugs in 3 hours. Quite alarming. No deep analysis was done, I leave that to the community. These are some of the results: file789-1.d...

Microsoft Word 2007 - Multiple Vulnerabilities

Mati Aharoni muts .@. offensive-security.com http://www.offensive-security.com My 7 line python fuzzer found several file format bugs in 3 hours. Quite alarming. No deep analysis was done, I leave that to the community. These are some of the results: file789-1.doc - Unspecified Overflow in word...

file: Integer underflow

Background file is a utility that guesses a file format by scanning binary data for patterns. Description Jean-Sebastien Guay-Leroux reported an integer underflow in fileprintf function. Impact A remote attacker could entice a user to run the "file" program on a specially crafted file that would...

CVE-2007-1117

Unspecified vulnerability in Publisher 2007 in Microsoft Office 2007 allows remote attackers to execute arbitrary code via unspecified vectors, related to a "file format vulnerability." NOTE: this information is based upon a vague pre-advisory with no actionable information. However, the advisory...

Format string

Unspecified vulnerability in Publisher 2007 in Microsoft Office 2007 allows remote attackers to execute arbitrary code via unspecified vectors, related to a "file format vulnerability." NOTE: this information is based upon a vague pre-advisory with no actionable information. However, the advisory...

CVE-2007-1117

Technical details are not publicly available in the provided documents. Monitor for updates.

News Rover 12.1 Rev 1 - Stack Overflow (2)

News Rover 12.1 Rev 1 - Stack Overflow 2 !/usr/bin/perl =============================================================================================== News Rover 12.1 Rev 1 Remote Stack Overflow perl exploit By Umesh Wanve [email protected]...

Fedora Core 5 : openoffice.org-2.0.2-5.16.2 (2006-770)

CVE-2006-2198 macro security - CVE-2006-2199 java applets - CVE-2006-3117 corrupt file format more details at http://www.openoffice.org/security/bulletin-20060629.h tml Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory...