WinSoftMagic Photo Editor PNG File Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/39354/info WinSoftMagic Photo Editor is prone to a remote buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. Successful...

UltraISO <= 8.6.2.2011 (Cue/Bin Files) Local Buffer Overflow Exploit

No description provided by source. / Date : May 28th 2007. UltraISO = 8.6.2.2011 local buffer-over flow by n00b You might need to change the jmp esp% adress to your version. Tested on win xp service pack 2 eng executes calc.Don't forget you need to have the bin and cue file in the same Directory...

openSUSE Security Update : libreoffice (openSUSE-SU-2012:0433-1)

updated to libreoffice-3.4.5.4 SUSE 3.4.5-rc2 - calc - pie charts colors messed in XLS import fdo40320 - correctly import data point formats in data series fdo40320 - components - crash when parsing XML signatures fdo39657 - broken getDataArray fdo46165, fdo38441, i117010 - don't paint a frame...

MP3Info 0.8.5a - Local Buffer Overflow (SEH)

MP3Info 0.8.5a - Local Buffer Overflow SEH Exploit Title: mp3info SEH exploit Date: 18 March 2014 Exploit Author: Ayman Sagy Vendor Homepage: http://ibiblio.org/mp3info/ Software Link: https://www.exploit-db.com/apps/cb7b619a10a40aaac2113b87bb2b2ea2-mp3info-0.8.5a.tgz Version: MP3Info 0.8.5 Teste...

Steinberg MyMp3PRO 5.0 DEP Bypass With ROP

!/usr/bin/ruby Vendor: http://cjcity.ru/soft/35-8.html Software link: http://cjcity.ru/2/downloader.php?id=00000000559 print ''' Steinberg MyMp3PRO v5.0 DEP Bypass with ROP Version: 5.0 Build 5.1.0.21 Date found: 04.12.2013 Exploit Author: metacom Tested on:XP-Sp3-EN ''' sleep3 junk="\x41" 1044 R...

Mitsubishi MC-WorkX 8.02 - ActiveX Control IcoLaunch File Execution

Mitsubishi MC-WorkX 8.02 - ActiveX Control IcoLaunch File Execution Mitsubishi MC-WorkX Suite Insecure ActiveX Control IcoLaunch This proof of concept will launch an arbritrary executable when the Login Client button is clicked. An attacker could use this to have the victim launch malicious code...

ALLMediaServer 0.94 SEH Overflow

!/usr/bin/python import socket, sys Exploit Title: ALLMediaServer 0.94 SEH Overflow Exploit Date: 07/03/2013 Exploit Author: metacom E-mail:[email protected] Software Link:http://allmediaserver.org/download Version: ALLMediaServer 0.94 Tested On: Windows 7 German ALLMediaServer run online mod...

Windows XP Pro SP3 - Full ROP calc shellcode

Windows XP Pro SP3 - Full ROP calc shellcode. Shellcode exploit for windows platform / Shellcode: Windows XP PRO SP3 - Full ROP calc shellcode Author: b33f http://www.fuzzysecurity.com/ Notes: This is probably not the most efficient way but I gave the dll's a run for their money ; Greets: Donato,...

Arora 0.10.0 Windows Qt 4.5.3 DLL Hijack

/ Exploit Title: Arora 0.10.0 Windows Qt 4.5.3 DLL Hijacking Exploit wintab32.dll Date: 27/10/2012 Author: Metropolis Url: http://metropolis.fr.cr Software Link: http://code.google.com/p/arora/downloads/detail?name=Arora%200.10.0-1%20Installer.exe&can=2&q= Version: 0.10.0 Tested on: Windows 7...

NCMedia Sound Editor Pro 7.5.1 - Local Overflow (SEH + DEP Bypass)

!/usr/bin/python --------------------------------------------------------------------------- Exploit: NCMedia Sound Editor Pro v7.5.1 SEH&DEP Author: b33f - http://www.fuzzysecurity.com/ OS: Windows 7 Pro SP1 probably universal across 32-bit POC - Julien Ahrens XP SP3:...

Midori Browser 0.3.2 Denial Of Service Object++ Exploit

Exploit for linux platform in category dos / poc + Title: Midori Browser 0.3.2 Denial Of Service Object++ Exploit + Date: 9:44:14am 27 s3pt 2012 + Author: Ryuzaki Lawlet + 3mail: email protected + Blog: http://justryuz.blogspot.com + Platform: nix + OS: Ubuntu 11.10 +Information: the vulnerabilit...

Adobe Pixel Bender Toolkit2 11.0.422584 DLL Hijack

Exploit Title: Adobe Pixel Bender Toolkit2 tbbmalloc.dll DLL Hijacking Exploit Date: 2012-08-23 Author: coolkaveh [email protected] Greets To Mohammad Morteza Sanaie [email protected] Https://twitter.com/coolkaveh Vendor Homepage: http://www.adobe.com/ Version: 11.0.422584 Tested on...

WAV Player 1.1.36 Buffer Overflow

Exploit Title: wav player 1.1.3.6 .pll Buffer Overflow Date: 12/09/2011 Author: Ivan Garcia Ferreira Version: 1.1.3.6 Tested on: Windows 7 SP1 x86 Spanish Description: Wav player can not handle properly large playlists more than 1G. Reproduce: Open the wav player, make a playlist and save it. The...

Joomla Component Calc Builder (id) Blind SQL Injection Vulnerability

Exploit for php platform in category web applications Author : Chip D3 Bi0s Group : LatinHackTeam Email & msn : chipdebiosalt+64gmail.com Date : 19 June 2011 Critical Lvl : Moderate Impact : Exposure of sensitive information Where : From Remote...

Joomla Calc Builder Blind SQL Injection

--------------------------------------------------------------------------------- Joomla Component Calc Builder id Blind SQL Injection Vulnerability --------------------------------------------------------------------------------- Author : Chip D3 Bi0s Group : LatinHackTeam Email & msn :...

Joomla! Component com_calcbuilder - id Blind SQL Injection

Joomla! Component comcalcbuilder - id Blind SQL Injection --------------------------------------------------------------------------------- Joomla Component Calc Builder id Blind SQL Injection Vulnerability --------------------------------------------------------------------------------- Author :...

Joomla! Component com_calcbuilder - &#039;id&#039; Blind SQL Injection

--------------------------------------------------------------------------------- Joomla Component Calc Builder id Blind SQL Injection Vulnerability --------------------------------------------------------------------------------- Author : Chip D3 Bi0s Group : LatinHackTeam Email & msn :...

Helium Music Manager DLL Hijack

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

Sonique 1.96 - .m3u Local Buffer Overflow

Sonique 1.96 - .m3u Local Buffer Overflow Application: Sonique BOF EIP Overwrite Version: 1.96 Author: Securityxxxpert Date Submitted: May 17, 2011 Download Link: http://www.tucows.com/preview/193562 Tested on: Windows XP SP3 EIP Overwritten: 239 Bytes Pita Bytes: 0x00 0x83 0x88 0x93 Notes: Not...

BlueFTP 1.2 DLL Hijacking Exploit (ProfUIS250m.dll)

Exploit for windows platform in category local exploits 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...