World Of Warcraft - chat-cache.txt Local Stack Overflow Denial of Service

World Of Warcraft - chat-cache.txt Local Stack Overflow Denial of Service !/usr/bin/perl Exploit Title: World Of Warcraft Local Stack Overflow Dos Exploit chat-cache.txt Date: 04/09/2011 Author: BSOD Digital Fabien DROMAS Other details:"Code Exec" Exploit in analysis. Tests: OS: Windows 7 Version...

EMC Autostart ftAgent Opcode 0x11 Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC AutoStart. Authentication is not required to exploit this vulnerability. The specific flaw exists in the Agent Service ftAgent.exe. The Agent Service listens on TCP port 8045 for communications...

ZDI-11-246: Sybase Adaptive Server Backup and Monitor Server NULL Write Remote Code Execution Vulnerability

ZDI-11-246: Sybase Adaptive Server Backup and Monitor Server NULL Write Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-246 July 29, 2011 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Sybase -- Affected Products: Sybase Adaptive Server --...

SuSE 11.1 Security Update : libwebkit (SAT Patch Number 4917)

This update of libwebkit fixes : - XSLT file creation allowed webpages evaluating XSLT code to create files. CVE-2011-1774 - ZDI-11-139 Webkit Anonymous Frame remote code exec %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracte...

(Pwn2Own) Microsoft Internet Explorer onPropertyChange Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Intern...

Cisco Secure Desktop CSDWebInstaller code exec

Added: 03/23/2011 CVE: CVE-2011-0926 BID: 46536 OSVDB: 63809 Background Cisco Secure Desktop is an endpoint security management product that consists of several components, such as Prelogin Assessment/Policies, Host Scan, Cache Cleaner, Secure Desktop Vault, etc. Problem Cisco Secure Desktop...

ZDI-11-068: Adobe Acrobat Reader U3D Texture bmp RLE Decompression Remote Code Execution Vulnerability

ZDI-11-068: Adobe Acrobat Reader U3D Texture bmp RLE Decompression Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-068 February 8, 2011 -- CVE ID: CVE-2011-0592 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Adobe -- Affected Products: Adobe...

Gravity Board X 2.0 Beta - SQL Injection / (Authenticated) Code Execution

================================================================================ Found : brainpillow Dork : "Powered By Gravity Board X v2.0 BETA" Visit : brainpillow.cc, forum.antichat.ru, raz0r.name Mail : [email protected]...

Microsoft Organization Chart 2 - Remote Code Execution

Microsoft Organization Chart 2 - Remote Code Execution source: https://www.securityfocus.com/bid/31059/info Microsoft Organization Chart is prone to a remote code-execution vulnerability because of a memory-access violation. Remote attackers can exploit this issue by enticing victims into opening...

Bea Weblogic Apache Connector Code Exec / Denial of Service Exploit

Exploit for unknown platform in category remote exploits =================================================================== Bea Weblogic Apache Connector Code Exec / Denial of Service Exploit =================================================================== // Bea Weblogic -- Apache Connector...

phpTournois G4 - Arbitrary File Upload Code Execution

phpTournois G4 - Arbitrary File Upload Code Execution Date: 04-06-08 - Remote Code Execution - Remote File Upload When testing if we are admin, phpTournois checks if $grade'a'=='a'. But when we are not loggued in, this var is not defined. So, using registerglobals, we can define it and let the CM...

Apple QuickTime 7.2/7.3 RSTP Response Code Exec Exploit (Vista/XP)

No description provided by source. / ============================================================= Apple Quicktime Vista/XP RSTP Response Remote Code Exec ============================================================= Discovered by: h07 Author: InTeL Tested on:...

Apple QuickTime 7.2/7.3 RSTP Response Code Exec Exploit (Vista/XP)

Exploit for unknown platform in category remote exploits ================================================================== Apple QuickTime 7.2/7.3 RSTP Response Code Exec Exploit Vista/XP ================================================================== /...

PHP <=5.2.4 open_basedir bypass & code exec & denial of service

Application: PHP =5.2.4 Web Site: http://php.net Platform: unix Bug: openbasedir bypass & code exec & denial of service/some people call this as a buffer overflow , but it's a denial of service./ special condition: default php-memory-limit ------------------------------------------------------- 1...

MS Internet Explorer 6/7 (XML Core Services) Remote Code Exec Expl2

Exploit for unknown platform in category remote exploits ======================================================================= MS Internet Explorer 6/7 XML Core Services Remote Code Exec Exploit 2 ======================================================================= var heapSprayToAddress =...

CVE-2006-3461

CVE-2006-3461 is a heap-based buffer overflow in the PixarLog decoder of libtiff, tracked in CVE-2006-3461. Affected component: libtiff prior to 3.8.2. Impact described: context-dependent attackers could potentially execute arbitrary code. Public references in connected sources corroborate that t...

TinyPHPForum 3.6 - 'UpdatePF.php' Authentication Bypass

source: https://www.securityfocus.com/bid/19281/info TinyPHPForum is prone to an authentication-bypass vulnerability because it fails to prevent an attacker from accessing admin scripts directly without requiring authentication. A remote attacker can exploit this issue to perform administrative...

TinyPHPForum 3.6 - UpdatePF.php Authentication Bypass

TinyPHPForum 3.6 - UpdatePF.php Authentication Bypass source: https://www.securityfocus.com/bid/19281/info TinyPHPForum is prone to an authentication-bypass vulnerability because it fails to prevent an attacker from accessing admin scripts directly without requiring authentication. A remote...

Remote file inclusion

PHP remote file inclusion vulnerability in includes/config.php in Jetbox CMS 2.1 allows remote attackers to execute arbitrary code via a URL in the relativescriptpath parameter...

CVE-2006-0418

Affected product: 123 Flash Chat Server 5.0 and 5.1. Vulnerable: eval injection in username handling that allows arbitrary code execution. Root cause: crafted username processed in a way that enables code execution. Impact: potential compromise of confidentiality, integrity, and availability (as ...