8517 matches found
CVE-2007-0017
Multiple format string vulnerabilities in 1 the cdiologhandler function in modules/access/cdda/access.c in the CDDA libcddaplugin plugin, and the 2 cdiologhandler and 3 vcdloghandler functions in modules/access/vcdx/access.c in the VCDX libvcdxplugin plugin, in VideoLAN VLC 0.7.0 through 0.8.6...
CVE-2007-0017
VLC 0.7.0–0.8.6 contains a format-string vulnerability in the cdio_log_handler, vcd_log_handler, and cdio_log_handler functions (modules/access/cdda/access.c and modules/access/vcdx/access.c) that can be triggered by a malformed udp:// URI in an M3U file. The underlying issue is format string han...
CVE-2007-0017
Multiple format string vulnerabilities in 1 the cdiologhandler function in modules/access/cdda/access.c in the CDDA libcddaplugin plugin, and the 2 cdiologhandler and 3 vcdloghandler functions in modules/access/vcdx/access.c in the VCDX libvcdxplugin plugin, in VideoLAN VLC 0.7.0 through 0.8.6...
Xine 0.99.4 - '.m3u' Remote Format String
source: https://www.securityfocus.com/bid/22252/info The 'xine' program is prone to a remote format-string vulnerability because the application fails to properly sanitize user-supplied input before including it in the format-specifier argument of a formatted-printing function. Successfully...
VLC Media Player 0.8.6 (udp://) Format String Exploit (x86)
No description provided by source. !/usr/bin/perl http://www.digitalmunition.com/VLCMediaSlayer-x86.pl Code by Kevin Finisterre kflistsatdigitalmunitiondotcom This exploit will create a malicious .m3u file that will cause VLC Player for OSX to execute arbitrary code. $outfile = "pwnage.m3u";...
Xine 0.99.4 - .m3u Remote Format String
Xine 0.99.4 - .m3u Remote Format String source: https://www.securityfocus.com/bid/22252/info The 'xine' program is prone to a remote format-string vulnerability because the application fails to properly sanitize user-supplied input before including it in the format-specifier argument of a...
VLC Media Player 0.8.6 (udp://) Format String Exploit PoC (ppc)
No description provided by source. !/usr/bin/perl http://www.digitalmunition.com/VLCMediaSlayer-ppc.pl Code by Kevin Finisterre kflistsatdigitalmunitiondotcom This is just a vanilla format string exploit for OSX on ppc. We overwrite a saved return addy with our shellcode address...
VLC Media Player 0.8.6 (udp://) Format String Exploit PoC (ppc)
Exploit for macOS platform in category dos / poc =============================================================== VLC Media Player 0.8.6 udp:// Format String Exploit PoC ppc =============================================================== !/usr/bin/perl...
VideoLAN VLC Media Player 0.8.6 (x86) - udp: Format String
VideoLAN VLC Media Player 0.8.6 x86 - udp: Format String !/usr/bin/perl http://www.digitalmunition.com/VLCMediaSlayer-x86.pl Code by Kevin Finisterre kflistsatdigitalmunitiondotcom This exploit will create a malicious .m3u file that will cause VLC Player for OSX to execute arbitrary code. $outfil...
VideoLAN VLC Media Player 0.8.6 (PPC) - udp: Format String (PoC)
VideoLAN VLC Media Player 0.8.6 PPC - udp: Format String PoC !/usr/bin/perl http://www.digitalmunition.com/VLCMediaSlayer-ppc.pl Code by Kevin Finisterre kflistsatdigitalmunitiondotcom This is just a vanilla format string exploit for OSX on ppc. We overwrite a saved return addy with our shellcode...
VideoLAN VLC Media Player 0.8.6 (PPC) - 'udp://' Format String (PoC)
!/usr/bin/perl http://www.digitalmunition.com/VLCMediaSlayer-ppc.pl Code by Kevin Finisterre kflistsatdigitalmunitiondotcom This is just a vanilla format string exploit for OSX on ppc. We overwrite a saved return addy with our shellcode address. This code currently overwrites the saved return add...
VideoLAN VLC Media Player 0.8.6 (x86) - 'udp://' Format String
!/usr/bin/perl http://www.digitalmunition.com/VLCMediaSlayer-x86.pl Code by Kevin Finisterre kflistsatdigitalmunitiondotcom This exploit will create a malicious .m3u file that will cause VLC Player for OSX to execute arbitrary code. $outfile = "pwnage.m3u"; $bindshell =...
VLC Media Player 0.8.6 (udp://) Format String Exploit (x86)
Exploit for macOS platform in category local exploits =========================================================== VLC Media Player 0.8.6 udp:// Format String Exploit x86 =========================================================== !/usr/bin/perl http://www.digitalmunition.com/VLCMediaSlayer-x86.pl...
Georgia SoftWorks Secure Shell Server 7.1.3 - Multiple Remote Code Execution Vulnerabilities
source: https://www.securityfocus.com/bid/27103/info Georgia SoftWorks Secure Shell Server is prone to multiple remote code-execution vulnerabilities: - A format-string vulnerability - Two buffer-overflow vulnerabilities. Successfully exploiting these issues allows remote attackers to execute...
Debian DSA-1242-1 : elog - several vulnerabilities
Several remote vulnerabilities have been discovered in elog, a web-based electronic logbook, which may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2006-5063 Tilman Koschnick discovered that log entry editing i...
CVE-2005-4817
The CVE-2005-4817 issue affects Textbased MSN Client (TMSNC) up to version before 0.2.5. It is a format-string vulnerability in ui.c that allows an attacker to cause a denial of service and possibly execute arbitrary code via injection into the wprintw function. Exploitation details are not provi...
CVE-2006-6772
Format string vulnerability in the inputAnswer function in file.c in w3m before 0.5.2, when run with the dump or backend option, allows remote attackers to execute arbitrary code via format string specifiers in the Common Name CN field of an SSL certificate associated with an https URL...
CVE-2006-6772
Format string vulnerability in the inputAnswer function in file.c in w3m before 0.5.2, when run with the dump or backend option, allows remote attackers to execute arbitrary code via format string specifiers in the Common Name CN field of an SSL certificate associated with an https URL...
DEBIAN-CVE-2006-6772
Format string vulnerability in the inputAnswer function in file.c in w3m before 0.5.2, when run with the dump or backend option, allows remote attackers to execute arbitrary code via format string specifiers in the Common Name CN field of an SSL certificate associated with an https URL...
CVE-2006-6772
Format string vulnerability in the inputAnswer function in file.c in w3m before 0.5.2, when run with the dump or backend option, allows remote attackers to execute arbitrary code via format string specifiers in the Common Name CN field of an SSL certificate associated with an https URL...