4192 matches found
msbasic-overflow.txt
usage: exploit.py print "-----------------------------------------------------------------------" print ' PoC 2 MS Visual Basic Enterprise Ed. 6 SP6 ".dsr" File Handling BoF\n' print " author: shinnai" print " mail: shinnaiatautisticidotorg" print " site: http://shinnai.altervista.org\n" print "...
MS Visual Basic Enterprise Ed. 6 SP6 DSR File Local BOF Exploit
Exploit for unknown platform in category local exploits =============================================================== MS Visual Basic Enterprise Ed. 6 SP6 DSR File Local BOF Exploit =============================================================== usage: exploit.py print...
Microsoft Visual Basic Enterprise Ed. 6 SP6 DSR File Local BoF Exploit
MS Visual Basic Enterprise Ed. 6 SP6 DSR File Local BOF Exploit. Local exploit for windows platform usage: exploit.py print "-----------------------------------------------------------------------" print ' PoC 2 MS Visual Basic Enterprise Ed. 6 SP6 ".dsr" File Handling BoF\n' print " author:...
vbe6-dos.txt
Stack overflow in vbe6.dll, used by all versions of MS Office The overflow occurs in Visual Basic for Application. Creating a property with a long name about 247 chars results in a stack overflow in vbe6.dll which overwrites with a null byte the first byte of the return address. Probably impossib...
Visual Basic (vbe6.dll) Local Stack Overflow PoC / DoS
No description provided by source. Stack overflow in vbe6.dll, used by all versions of MS Office The overflow occurs in Visual Basic for Application. ...
Visual Basic - vbe6.dll Local Stack Overflow (PoC) Denial of Service
Visual Basic - vbe6.dll Local Stack Overflow PoC Denial of Service Stack overflow in vbe6.dll, used by all versions of MS Office The overflow occurs in Visual Basic for Application. Creating a property with a long name about 247 chars results in a stack overflow in vbe6.dll which overwrites with ...
Visual Basic (vbe6.dll) Local Stack Overflow PoC / DoS
Exploit for unknown platform in category dos / poc ====================================================== Visual Basic vbe6.dll Local Stack Overflow PoC / DoS ====================================================== Stack overflow in vbe6.dll, used by all versions of MS Office The overflow occurs i...
Visual Basic - 'vbe6.dll' Local Stack Overflow (PoC) / Denial of Service
Stack overflow in vbe6.dll, used by all versions of MS Office The overflow occurs in Visual Basic for Application. Creating a property with a long name about 247 chars results in a stack overflow in vbe6.dll which overwrites with a null byte the first byte of the return address. Probably impossib...
CVE-2008-1238
Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9, when generating the HTTP Referer header, does not list the entire URL when it contains Basic Authentication credentials without a username, which makes it easier for remote attackers to bypass application protection mechanisms that rely ...
Cross site request forgery (csrf)
Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9, when generating the HTTP Referer header, does not list the entire URL when it contains Basic Authentication credentials without a username, which makes it easier for remote attackers to bypass application protection mechanisms that rely ...
CVE-2008-1238
Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9, when generating the HTTP Referer header, does not list the entire URL when it contains Basic Authentication credentials without a username, which makes it easier for remote attackers to bypass application protection mechanisms that rely ...
Referrer spoofing bug
Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9, when generating the HTTP Referer header, does not list the entire URL when it contains Basic Authentication credentials without a username, which makes it easier for remote attackers to bypass application protection mechanisms that rely ...
Linksys WRT54G (firmware 1.00.9) Security Bypass Vulnerabilities
No description provided by source. regurgitated by: meathive url: kinqpinz.info ; Tue, 05 Feb 2008 07:51:41 -0700 CVE-2008-1247 WRT54G firmware version: v1.00.9 Default LAN IP: 192.168.1.1 Default auth: user:blank - pass:admin Authorization: Basic OmFkbWlu php print base64decode"OmFkbWlu"; :admin...
Linksys WRT54G (firmware 1.00.9) Security Bypass Vulnerabilities
Exploit for hardware platform in category remote exploits ================================================================ Linksys WRT54G firmware 1.00.9 Security Bypass Vulnerabilities ================================================================ regurgitated by: meathive url: kinqpinz.info ;...
Linksys WRT54G Firmware 1.00.9 - Security Bypass (1)
regurgitated by: meathive url: kinqpinz.info ; Tue, 05 Feb 2008 07:51:41 -0700 CVE-2008-1247 WRT54G firmware version: v1.00.9 Default LAN IP: 192.168.1.1 Default auth: user:blank - pass:admin Authorization: Basic OmFkbWlu php print base64decode"OmFkbWlu"; :admin https://kinqpinz.info/lib/wrt54g/...
HTTP Referrer spoofing with malformed URLs — Mozilla
Security researcher Gregory Fleischer demonstrated a problem with the HTTP Referer: sic header sent with requests to URLs containing Basic Authentication credentials with empty usernames. In these cases a number of leading characters, based on the length of the password in the URL, are removed fr...
Microsoft Excel Style Record Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file '.xls'. Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the...
authentix-xss.txt
Description: "Form-based or 100% cookie-free "Basic Authentication" website protection while keeping your NT Users Names and Passwords private. Protect all files, not just ASP pages. Validate against internal database, text file or external ODBC datasource." - www.flicks.com Summary: The Authenti...
Microsoft Windows OLE自动化堆溢出漏洞(MS08-008)
BUGTRAQ ID: 27661 CVECAN ID: CVE-2007-0065 Microsoft Windows是微软发布的非常流行的操作系统。 对象链接和嵌入(OLE)自动化处理特制脚本请求的方式存在堆溢出漏洞,如果用户受骗访问了恶意站点的话,就可能触发这个溢出,导致以登录用户的权限对系统进行更改。如果用户以管理权限登录的话,攻击者就可以完全控制受影响的系统。 Microsoft Office 2004 for Mac Microsoft Visual Basic 6.0 SP6 Microsoft Windows XP SP2 Microsoft Windows Vista...
Microsoft Security Bulletin MS08-008 – Critical Vulnerability in OLE Automation Could Allow Remote Code Execution (947890)
Microsoft Security Bulletin MS08-008 – Critical Vulnerability in OLE Automation Could Allow Remote Code Execution 947890 Published: February 12, 2008 Version: 1.0 General Information Executive Summary This critical security update resolves a privately reported vulnerability. This vulnerability...