352 matches found
Sourcefire Snort rule20275eval Buffer Overflow
A buffer overflow vulnerability has been reported in a pre-compiled Snort rule distributed by Sourcefire. The vulnerability is due to a stack buffer overflow in rule 3:20275. A remote attacker can exploit this issue by sending a malicious response packet containing an overly long message to the...
General Electric D20 Password Recovery
A data leakage vulnerability has been reported in General Electric D20ME. The vulnerability is due to improper security restrictions. A remote attacker can exploit this issue by sending specially crafted TFTP requests to the target. Successful exploitation would allow an attacker to steal...
Microsoft .Net Framework Web Proxy Auto-Discovery Code Execution (MS12-074; CVE-2012-4776)
A remote code execution vulnerability has been reported in the Microsoft .Net Framework. The vulnerability is due to an error in the way the .Net Framework retrieves the default web proxy settings. A remote attacker can exploit this issue by enticing a victim to use a malicious proxy auto...
Microsoft Internet Explorer CTreeNode Use After Free (MS12-071; CVE-2012-4775)
A remote code execution vulnerability has been reported in Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a user to open a...
Microsoft Remote Administration Protocol Denial of Service (MS12-054; CVE-2012-1850)
A denial of service vulnerability has been reported in the Microsoft Remote Administration Protocol (RAP). The vulnerability is due to an error in the Windows networking components while handling specially crafted Remote Administration Protocol (RAP) responses. A remote attacker can exploit this issu...
Apple QuickTime SetLanguage Overflow
Added: 07/25/2012. CVE: CVE-2012-0666. BID: 53577. OSVDB: 81937. Background: Apple QuickTime is a media player for Windows and Mac OS platforms. Problem: The QuickTime player browser plugin does not properly validate the language field in QT Movie files. If a malicious QT Movie file were opened via a...
CoCSoft Stream Down Stack Overflow
Added: 01/10/2012. CVE: CVE-2011-5052. BID: 51190. OSVDB: 78043. Background: CoCSoft Stream Down is a streaming media download tool. Problem: The CoCSoft Stream Down HTTP client implementation in version 6.8 and prior does not properly validate HTTP responses. This vulnerability may allow an attacker t...
Adobe Flash Player Layered Animation Object Buffer Overflow (APSB11-28; CVE-2011-2460)
A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a buffer overrun while processing 3D coordinates in objects within layered animations. A remote attacker could exploit this vulnerability by enticing a user to open a web page containing an...
Adobe Flash Player Overlapping Records Memory Corruption (APSB11-28; CVE-2011-2453)
A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to insufficient validation of the parsed data's length. A remote attacker could exploit this vulnerability by enticing a user to open a web page containing an embedded malformed SWF file. Successfu...
Adobe Flash Player ActionScript2 Stack Buffer Overflow (APSB11-28; CVE-2011-2457)
A stack buffer overflow vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a memory allocation issue while handling malformed ShockWave files (SWF). A remote attacker could exploit this vulnerability by enticing a user to open a web page containing an embedded...
Adobe Flash Player ATF Data Buffer Overflow (APSB11-28; CVE-2011-2456)
A stack buffer overflow vulnerability has been reported in Adobe Flash Player. The vulnerability is due to insufficient bounds checking of user-supplied input while loading Adobe Texture Format (ATF) data. A remote attacker could exploit this vulnerability by enticing a user to open a web page...
Adobe Flash Player Embedded Flash Object Code Execution (APSB11-28; CVE-2011-2459)
A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a null pointer dereference in the Flash plugin while handling string values. A remote attacker could exploit this vulnerability by enticing a user to open an HTML document containing an embedd...
Internet Explorer Unsafe Scripting Misconfiguration Code Execution
A remote code execution vulnerability has been reported in Internet Explorer. The vulnerability is due to improper configuration of the way Internet Explorer handles ActiveX controls. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted web page...
Windows Gather Windows Host File Enumeration
This module returns a list of entries in the target system's hosts file. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Gather Windows Host File Enumeration', 'Description' = %q This...
Adobe PDF file PCX Buffer Overflow (APSB11-24; CVE-2011-2437)
A remote code execution vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to a buffer allocation error while parsing a PCX image header. A remote attacker may exploit this vulnerability by enticing an unsuspecting user to open a malicious PDF document file...
Microsoft Remote Desktop Protocol Denial of Service Vulnerability (2570222)
This host is missing a critical security update according to Microsoft Bulletin MS11-065. OpenVAS Vulnerability Test $Id: secpodms11-065.nasl 5362 2017-02-20 12:46:39Z cfi $ Microsoft Remote Desktop Protocol Denial of Service Vulnerability 2570222 Authors: Madhuri D Copyright: Copyright c 2011...
Windows Escalate Locked Desktop Unlocker
This module unlocks a locked Windows desktop by patching the respective code inside the LSASS.exe process. This patching process can result in the target system hanging or even rebooting, so be careful when using this module on production systems. This module requires Metasploit:...
Update Protection against Novell iManager getMultiPartParameters Unauthorized File Upload
A vulnerability was reported in Novell iManager, a web-based administration console that provides management of many other Novell products. The vulnerability is due to insufficient validation of the getMultiPartParameters function. A remote attacker could leverage this vulnerability to upload...
Adobe Flash Player DefineFunction2 Memory Corruption (APSB10-26; CVE-2010-3646)
The Adobe Flash Player is a multimedia and application player that renders Shockwave Flash (SWF) files. The vulnerability is due to insufficient sanitization of the DefineFunction2 value by the Adobe Flash Player. A remote attacker might exploit this issue by convincing a victim to open a specially...
Novell iManager getMultiPartParameters Unauthorized File Upload
Novell iManager is a web-based administration console that provides management of many other Novell products. The iManager service itself is a Java web application running on top of the Tomcat application container. An unauthorized file upload vulnerability has been reported in Novell iManager. T...