Adobe Shockwave Player Director File FFFFFF88 Record Integer Overflow (CVE-2010-2876; CVE-2010-4192)

Adobe Shockwave is a multimedia player that allows users to view interactive web content such as games, business presentations, entertainment, and advertisements from the web browser. It allows Adobe Director applications to be published on the Internet and viewed in a web browser on systems whic...

Apple QuickTime FLI LinePacket Remote Code Execution Vulnerability

Exploit for windows platform in category dos / poc ================================================================== Apple QuickTime FLI LinePacket Remote Code Execution Vulnerability ================================================================== Title : Apple QuickTime FLI LinePacket Remote...

Apple QuickTime FlashPix NumberOfTiles Remote Code Execution

Exploit for windows platform in category dos / poc ============================================================ Apple QuickTime FlashPix NumberOfTiles Remote Code Execution ============================================================ ''' Title : Apple QuickTime FlashPix NumberOfTiles Remote Code...

Microsoft Internet Explorer 'OnPropertyChange_Src()' Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura...

Gmail Checker Plus Chrome Extension Cross Site Scripting

Gmail Checker plus Chrome extension XSS extension: https://chrome.google.com/extensions/detail/mihcahmgecmbnbcchbopgniflfhgnkff advisore:http://lostmon.blogspot.com/2010/06/gmail-checker-plus-chrome-extension-xss.html Exploit available:yes So in this case "Google Mail Checker Plus" version 1.1.7...

Mozilla Firefox Code Execution Vulnerability (Windows) - May10

The host is installed with Mozilla Firefox browser and is prone to code execution vulnerability OpenVAS Vulnerability Test $Id: gbfirefoxcodeexevulnwinmay10.nasl 5306 2017-02-16 09:00:16Z teissa $ Mozilla Firefox Code Execution Vulnerability Windows - May10 Authors: Antu Sanadi Copyright: Copyrig...

ZDI-10-051: Sun Java Runtime RMIConnectionImpl Privileged Context Remote Code Execution Vulnerability

ZDI-10-051: Sun Java Runtime RMIConnectionImpl Privileged Context Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-051 April 5, 2010 -- CVE ID: CVE-2010-0094 -- Affected Vendors: Sun Microsystems -- Affected Products: Sun Microsystems Java Runtime --...

Critical Flaws Haunt Adobe Shockwave Player

Adobe’s run on the patching treadmill continued this week with a “critical” update to fix a pair of code execution holes in its Shockwave Player. The vulnerabilities affect Adobe Shockwave Player 11.5.2.602 and earlier versions, on the Windows and Mac operating systems. According to an Adobe...

Microsoft Office Excel Field Sanitization Remote Code Execution (MS09-067; CVE-2009-3134)

Microsoft Excel is a popular spreadsheet application. A remote code execution vulnerability has been identified in Microsoft Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly parse the Excel spreadsheet file format. A remote attacker could trigger this...

Security Update for Microsoft Visio 2002 (KB975365)

A security vulnerability exists in Microsoft Visio 2002 that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...

RedHat Security Advisory RHSA-2009:1136

The remote host is missing updates announced in advisory RHSA-2009:1136. The Dynamic Host Configuration Protocol DHCP is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address...

openSUSE Security Update : libsatsolver (libsatsolver-266)

A remotely exploitable code execution vulnerability via shell metachars has been fixed in libzypp. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update libsatsolver-266. The text description of thi...

StoneTrip Ston3D Standalone Player Code Execution Vulnerability (Linux)

This host is installed with StoneTrip Ston3D Standalone Player and is prone to Code Execution vulnerability. OpenVAS Vulnerability Test $Id: gbston3dprdtscodeexecvulnlin.nasl 4869 2016-12-29 11:01:45Z teissa $ StoneTrip Ston3D Standalone Player Code Execution Vulnerability Linux Authors: Nikita M...

CVE-2009-1438

Integer overflow in the CSoundFile::ReadMed function src/loadmed.cpp in libmodplug before 0.8.6, as used in gstreamer-plugins, TTPlayer, and other products, allows context-dependent attackers to execute arbitrary code via a MED file with a crafted 1 song comment or 2 song name, which triggers a...

xpdf code execution

xpdfrc file from current location may be processed...

Microsoft Windows Image Color Management System Code Execution Vulnerability (952954)

This host is missing a critical security update according to Microsoft Bulletin MS08-046. OpenVAS Vulnerability Test $Id: gbms08-046.nasl 5863 2017-04-05 07:38:11Z antu123 $ Microsoft Windows Image Color Management System Code Execution Vulnerability 952954 Authors: Chandan S Copyright: Copyright...

Fedora 8 : phpMyAdmin-2.11.9.1-1.fc8 (2008-8269)

This update by upstream to phpMyAdmin 2.11.9.1 solves a not yet clearly specified code execution vulnerability. - auth Links to version number on login screen - core PMA does not start if iniset is disabled - bookmarks Saved queries greater than 1000 chars not displayed - export Export type...

WebPortal CMS 0.7.4 - 'code' Remote Code Execution

WebPortal POC : /index.php?m=admin&f=console&action=execute&code=id; passthruid; milw0rm.com 2008-09-23...

Microsoft Office WPG图形文件处理堆溢出漏洞（MS08-044）

BUGTRAQ ID: 30598 CVECAN ID: CVE-2008-3021 Microsoft Office是非常流行的办公软件套件。 Office的WPGIMP32.FLT模块没有正确地处理office文档中的PICT图形，如果PICT图形文件中包含有超长的bitsperpixel字段的话，则打开该文件就可能触发堆溢出，导致执行任意代码。 Microsoft Office XP SP3 Microsoft Office Converter Pack Microsoft Office 2003 Service Pack 2 Microsoft Office 2000 SP3...

CVE-2008-0984

The MP4 demuxer mp4.c for VLC media player 0.8.6d and earlier, as used in Miro Player 1.1 and earlier, allows remote attackers to overwrite arbitrary memory and execute arbitrary code via a malformed MP4 file...