Novell Teaming ajaxUploadImageFile Remote Code Execution (CVE-2010-2773)

Novell Teaming is a team workspace and real-time collaboration tool. It enables users to create, share, discuss, and manage information. A remote code execution vulnerability has been reported in Novell Teaming. The flaw is due to an input validation when parsing image uploads. A remote attacker...

Adobe Flash Player Embedded Image Integer Overflow (APSB10-14; CVE-2010-2170)

The Adobe Flash Player is a multimedia and application player that renders Shockwave Flash SWF files. A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to insufficient sanitization by the Adobe Flash Player. A remote attacker might exploit thi...

OpenOffice EMF File EMR Record Parsing Integer Overflow (CVE-2008-2238)

An integer overflow vulnerability exists in the OpenOffice software suite. The vulnerability is due to the way OpenOffice parses EMF images. A remote attacker could exploit this vulnerability by persuading a user to open a malicious EMF file, potentially causing arbitrary code to be injected and...

UPX Compressed PE Executable Files (CVE-2005-2920)

ClamAV AntiVirus is an open source product that provides anti-virus scanning utilities and an anti-virus library. The product is capable of decoding several archive formats in order to scan their internal items for viruses. One of such archive formats is the UPX Ultimate Packer for eXecutables fi...

Norton Internet Security ActiveX Command Execution (CVE-2004-0364)

Norton Internet Security is a security solution produced by Symantec corporation. There exists a vulnerability within Norton Internet Security that allows a remote attacker to run arbitrary executables on the target system through a malicious call to a certain method of a vulnerable ActiveX...

Joomla! Plugin Core Design Scriptegrator - Local File Inclusion

Joomla! Plugin Core Design Scriptegrator - Local File Inclusion Exploit Title: Core Design Scriptegrator plugin for Joomla! 1.5 file inclusion Author: S2 Crew Hungary Tested on: Debian Linux, Apache, Joomla! 1.5 Code: There's a file called jsloader.php which takes an array of file names from the...

Joomla Plugin Core Design Scriptegrator Local File Inclusion Vulnerability

Exploit for php platform in category web applications ========================================================================== Joomla Plugin Core Design Scriptegrator Local File Inclusion Vulnerability ========================================================================== Exploit Title: Cor...

myPHPupload 0.5.1 - Arbitrary File Upload

| | myPHPupload 0.5.1 Remote File Upload Vulnerability | | Author : ViRuSMaN | | Contact : [email protected] | | Home : Islam-Attack.CoM , HackTeach.OrG | | Download : http://www.graphiks.net/telecharger/myPHPupload.zip | | | | Exp : | | 1- Uoload your shell format "shell.php" | | 2- Go to The Pwd...

Update Protection against HP OpenView Network Node Manager Denial of Service

A denial of service vulnerability exists in HP OpenView Network Node Manager. The flaw is due to a design weakness when processing crafted packets sent to the server. Remote attackers could exploit this vulnerability by sending a malicious request to the affected TCP port. Successful exploitation...

Oracle Application Server Reports desname Arbitrary File Overwriting (CVE-2005-2371)

Oracle Application Server is a multi-platform solution for developing and deploying enterprise applications and web sites. The server ships with several additional components that extend its functionality. One of such component is the Oracle Reports Services. The Reports Services component allows...

RealNetworks RealPlayer RealText Parsing Buffer Overflow (CVE-2005-1766)

RealPlayer is a media player developed by RealNetworks, Inc. It supports a streaming text technology called RealText to create presentations that include text content. RealText can stream documents consisting of purely text or closed-captioned video clips, for example. The RealText resources are...

ClamAV AntiVirus cli_check_jpeg_exploit Function Denial of Service (CVE-2008-5314)

ClamAV AntiVirus is an open source product that provides anti-virus scanning utilities and an anti-virus library. The product is capable of decoding and scanning several file formats including image formats like JPEG. A buffer overflow vulnerability exists in the ClamAV AntiVirus product. The...

IBM DB2 9.5 Pre-Auth Denial Of Service

Discovered by Dennis Yurichev DB2TEST database should be present on target system from sys import from socket import sockobj = socketAFINET, SOCKSTREAM sockobj.connect argv1, 50000 sockobj.send "\x00\xBE\xD0\x41\x00\x01\x00\xB8\x10\x41\x00\x7F\x11\x5E\x97\xA8"...

The CGI script of the invasion to get started quickly+script method of use-vulnerability warning-the black bar safety net

Preface: The following explanation is directed to Europe and the United States Japan website When we are doing penetration analysis of the time there are many ways to We all know the foreign servers are mostly linux platform So there are many website programs have 6 Chengdu will use a cgi script ...

auth-owners NSE Script

Attempts to find the owner of an open TCP port by querying an auth daemon which must also be open on the target system. The auth service, also known as identd, normally runs on port 113. Example Usage nmap -sV -sC Script Output 21/tcp open ftp ProFTPD 1.3.1 | auth-owners: nobody 22/tcp open ssh...

fileutility.txt

module Msf class Auxiliary::Spoof::Kyocera::FileUtility 'Kyocera Mita File Utility File Injection', 'Description' = %q This exploit attacks the Kyocera Mita File Utility 3.3.0.1 that is part of a scan to desktop solution. There are several bugs in this service. First, there is no authentication...

HP OpenView Network Node Manager connectedNodes.ovpl command execution

Added: 07/02/2008 CVE: CVE-2005-2773 BID: 14662 OSVDB: 19057 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A command injection vulnerability in the connectedNodes.ovpl CGI script allows remote attackers to execute arbitrary comman...

HP OpenView Network Node Manager connectedNodes.ovpl command execution

Added: 07/02/2008 CVE: CVE-2005-2773 BID: 14662 OSVDB: 19057 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A command injection vulnerability in the connectedNodes.ovpl CGI script allows remote attackers to execute arbitrary comman...

Preemptive Protection against Microsoft Excel Macro Validation Remote Code Execution Vulnerability (MS08-014)

A memory corruption vulnerability has been identified in Microsoft Excel. Microsoft Excel is a popular spreadsheet application. A remote attacker could exploit this issue via a malformed Excel file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target...

Internet Explorer CSS Tag Handling Memory Corruption (MS07-033; CVE-2007-1750)

CSS Cascading Style Sheets is a formatting method for Web pages using HTML.A remote code execution vulnerability has been reported in the way Microsoft Internet Explorer handles CSS tags.An attacker could exploit this issue by convincing a user to visit a specially crafted HTML document or open a...