Windows 8.1 - DCOM DCE/RPC Local NTLM Reflection Privilege Escalation (MS15-076) Exploit

Exploit for windows platform in category local exploits Source: https://github.com/monoxgas/Trebuchet Trebuchet MS15-076 CVE-2015-2370 Privilege Escalation Copies a file to any privileged location on disk Compiled with VS2015, precompiled exe in Binary directory Usage: trebuchet.exe...

Electronic Arts Origin Client 9.5.5 Multiple Privilege Escalation Vulnerabilities

The application is vulnerable to an elevation of privileges vulnerability which can be used by a simple user that can change the executable file with a binary of choice. The vulnerability exist due to the improper permissions, with the 'F' flag full for the 'Everyone' and 'Users' group, for the...

MS15-001 Microsoft Windows NtApphelpCacheControl Improper Authorization Check

On Windows, the system call NtApphelpCacheControl the code is actually in ahcache.sys allows application compatibility data to be cached for quick reuse when new processes are created. A normal user can query the cache but cannot add new cached entries as the operation is restricted to...

Microsoft IIS WebDAV Remote Buffer Overflow (MS03-007) - Ver2 (CVE-2003-0109)

The Internet Information Server IIS is a Web server packaged with several versions of the Windows operating system. The server is capable of serving static, as well as dynamic content. Several Microsoft Windows IIS servers support the World Wide Web Distributed Authoring and Versioning WebDAV...

Design/Logic Flaw

CCH Wolters Kluwer ProSystem fx Engagement aka PFX Engagement 7.1 and earlier uses weak permissions Authenticated Users: Modify and Write for the 1 Pfx.Engagement.WcfServices, 2 PFXEngDesktopService, 3 PFXSYNPFTService, and 4 P2EWinService service files in PFX Engagement, which allows local users...

CVE-2014-9113

CCH Wolters Kluwer ProSystem fx Engagement aka PFX Engagement 7.1 and earlier uses weak permissions Authenticated Users: Modify and Write for the 1 Pfx.Engagement.WcfServices, 2 PFXEngDesktopService, 3 PFXSYNPFTService, and 4 P2EWinService service files in PFX Engagement, which allows local users...

Sysax FTP Automation Server 5.33 Local Privilege Escalation

No description provided by source. Title: Sysax FTP Automation Server Local Privilege Escalation Author: Craig Freyman @cd1zz OS Tested: XP SP3 32bit Version Tested: 5.33 Date Discovered: October 1, 2012 Vendor Contacted: October 21, 2012 Vendor Response: November 1, 2012 Demo:...

Microsoft Windows XP/2003 - RPCSS Service Isolation Local Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/34443/info Microsoft Windows is prone to a privilege-escalation vulnerability. Successful exploits may allow attackers to elevate their privileges to LocalSystem, which would facilitate the complete compromise of affected...

MS Windows 2000/NT 4/XP Window Message Subsystem Design Error Vulnerability (3)

No description provided by source. source: http://www.securityfocus.com/bid/5408/info A serious design error in the Win32 API has been reported. The issue is related to the inter-window message passing system. This vulnerability is wide-ranging and likely affects almost every Win32 window-based...

ISS PAM.dll ICQ Parser Buffer Overflow

No description provided by source. $Id: blackicepamicq.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

Microsoft Windows 2000 Still Image Service Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1651/info The Still Image Service in windows 2000 is vulnerable to an unchecked buffer which could enable a user to run commands at the privilege level of the service LocalSystem by default. This is due to an unchecked...

Microsoft Windows VISTA/2008 - Thread Pool ACL Local Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/34444/info Microsoft Windows is prone to a privilege-escalation vulnerability. Successful exploits may allow attackers to elevate their privileges to LocalSystem, which would facilitate the complete compromise of affected...

Huawei Technologies eSpace Meeting Service 1.0.0.23 - Local Privilege Escalation

No description provided by source. ? Huawei Technologies eSpace Meeting Service 1.0.0.23 Local Privilege Escalation Vendor: Huawei Technologies Co., Ltd. Product web page: http://www.huawei.com Affected version: 1.0.0.23 V100R001C03SPC201B050 Summary: Huawei's eSpace Meeting solution fully meets...

BakBone NetVault 7.1 - Local Privilege Escalation Exploit

No description provided by source. // ===== Start UnhideNetVaultServiceWindow.c ====== include stdio.h include windows.h int main void HWND hWnd; char szWindowName = C:\Program Files\BakBone Software\NetVault\bin\nvstatsmngr.exe; printf Finding window %s\n, szWindowName ; hWnd = FindWindow...

Aloaha Credential Provider Monitor 5.0.226 Local Privilege Escalation Vulnerability

No description provided by source. Aloaha Credential Provider Monitor 5.0.226 Local Privilege Escalation Vulnerability Vendor: Aloaha Software - Wrocklage Intermedia GmbH Product web page: http://www.aloaha.com Affected version: 5.0.226 Summary: Aloaha Credential Provider represents one of the mo...

Microsoft Windows XP/VISTA/2003/2008 - WMI Service Isolation Local Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/34442/info Microsoft Windows is prone to a privilege-escalation vulnerability. Successful exploits may allow attackers to elevate their privileges to LocalSystem, which would facilitate the complete compromise of affected...

MS Windows 2000/NT 4/XP Window Message Subsystem Design Error Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/5408/info A serious design error in the Win32 API has been reported. The issue is related to the inter-window message passing system. This vulnerability is wide-ranging and likely affects almost every Win32 window-based...

Microsoft Windows Shell Handler Privilege Escalation Vulnerability (2962488)

This host is missing an important security update according to Microsoft Bulletin MS14-027. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Huawei eSpace Meeting Service 1.0.0.23 Privilege Escalation

Huawei Technologies eSpace Meeting Service version 1.0.0.23 suffers from a local privilege escalation vulnerability. Huawei Technologies eSpace Meeting Service 1.0.0.23 Local Privilege Escalation Vendor: Huawei Technologies Co., Ltd. Product web page: http://www.huawei.com Affected version:...

Microsoft Windows Defender CVE-2013-3154 Local Privilege Escalation Vulnerability

Description Microsoft Windows Defender is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the LocalSystem account. Successfully exploiting this issue will result in the complete compromise of affected computer...