[Converter v0.7] Analyzing and Deobfuscating Malicious Scripts

Malicious Java applets have been making news for awhile so I thought I would update Converter to include some new features to help with deobfuscating them. This is a list of changes made to this version: + Replaced Binary-to/from-Text with Binary-to/from-Hex to make it more useful + Added Filter...

libexif: "exif_convert_utf16_to_utf8()" heap-based out-of-bounds array read

The exifconvertutf16toutf8 function in exif-entry.c in the EXIF Tag Parsing Library aka libexif before 0.6.21 allows remote attackers to cause a denial of service out-of-bounds read or possibly obtain sensitive information from process memory via crafted EXIF tags in an image...

CVE-2012-2840

Off-by-one error in the exifconvertutf16toutf8 function in exif-entry.c in the EXIF Tag Parsing Library aka libexif before 0.6.21 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted EXIF tags in an image...

Fedora 15 : glibc-2.14.1-5 (2012-0018)

Revert change from -6 which filtered out GLIBCPRIVATE symbols. Not appropriate for an update release. Check values from TZ file header 767696 Convert tzdata-update to lua 743034 Mark clone as .cantunwind 749556 Update to 2.24.1 release Correctly reparse group line after enlarging the buffer 73936...

Oracle Database Multiple Vulnerabilities (January 2006 CPU)

The remote Oracle database server is missing the January 2006 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Advanced Queuing - Change Data Capture - Connection Manager - Data Pump - Data Pump Metadata API - Dictionary - Java Net...

eXPert PDF Convert to Word v7 Denial of Service Exploit

Exploit for windows platform in category dos / poc !/usr/bin/perl Title : eXPert PDF Convert to Word v7 Denial of Service Exploit Author : KedAns-Dz E-mail : email protected Home : HMD/AM 30008/04300 - Algeria -00213555248701 Twitter page : twitter.com/kedans platform : Windows Impact : Blocked...

eXPert PDF Convert To Word 7 Denial Of Service

!/usr/bin/perl Title : eXPert PDF Convert to Word v7 Denial of Service Exploit Author : KedAns-Dz E-mail : [email protected] Home : HMD/AM 30008/04300 - Algeria -00213555248701 Twitter page : twitter.com/kedans platform : Windows Impact : Blocked 'vspdf2word.exe' When Convert Tested on : Windows ...

PT-2011-2819 · Cgit · Cgit

Name of the Vulnerable Software and Affected Versions: cgit versions prior to 0.8.3.5 Description: The issue is caused by an off-by-one error in the convert query hexchar function in html.c in cgit.cgi. This allows remote attackers to cause a denial of service infinite loop via a string composed ...

Fedora Update for perl-Convert-UUlib FEDORA-2011-0052

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for perl-Convert-UUlib FEDORA-2011-0052

Check for the Version of perl-Convert-UUlib OpenVAS Vulnerability Test Fedora Update for perl-Convert-UUlib FEDORA-2011-0052 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

Fedora Update for perl-Convert-UUlib FEDORA-2011-0062

Check for the Version of perl-Convert-UUlib OpenVAS Vulnerability Test Fedora Update for perl-Convert-UUlib FEDORA-2011-0062 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

Fedora Update for perl-Convert-UUlib FEDORA-2011-0062

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora 14 : perl-Convert-UUlib-1.34-1.fc14 (2011-0052)

Perl extension Convert::UUlib 1.34 : - Fix a one-byte-past-end-write buffer overflow in UURepairData reported, analysed and testcase provided by Marco Walther - Quoted-printable decoding was completely broken, try a fix Note that Tenable Network Security has extracted the preceding description...

Fedora 13 : perl-Convert-UUlib-1.34-1.fc13 (2011-0062)

Perl extension Convert::UUlib 1.34 : - Fix a one-byte-past-end-write buffer overflow in UURepairData reported, analysed and testcase provided by Marco Walther - Quoted-printable decoding was completely broken, try a fix Note that Tenable Network Security has extracted the preceding description...

Sun Solaris 10 libc/*convert Buffer Overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sun Solaris 10 libc/convert cvt buffer overflow Author: Maksymilian Arciemowicz http://SecurityReason.com Date: - - Dis.: 15.04.2010 - - Pub.: 21.05.2010 Affected Software: - - Sun Solaris 10 10/9 Original URL:...

To bypass the <? PHP exit('Access Denied'); ?> Limit-vulnerability warning-the black bar safety net

To bypass ? PHP exit’Access Denied’; ?& gt; limit ? php $shellcode=’PD9waHBpbmZvKCk7Pz4’;// base64decode ? phpinfo;?& gt; $endstr=’s’; $timestamp=$endstr.$ shellcode; fileputcontents"php://filter/write=convert.base64-decode/resource=ryat.php","? PHP exit’Access Denied’; ?& gt;\t$timestamp"; ?& gt...

LiveZilla 3.1.8.3 - Cross-Site Scripting

LiveZilla 3.1.8.3 - Cross-Site Scripting Info: LiveZilla, the Next Generation Live Help / Live Chat and Live Support System connects you to your website visitors. Use LiveZilla to provide Live Chats and monitor your website visitors in real-time. Convert visitors to customers - with LiveZilla!...

M3U To ASX-WPL 1.1 - &#039;.m3u&#039; Local Buffer Overflow

exploit.py M3U To ASX-WPL 1.1 m3u Playlist file Buffer Overflow Exploit By: Encrypt3d.M!Nd http://m1nd3d.wordpress.com/ SEH Overwrite method - you can use simple jmp esp accourding to my calculations EIP Would Change after 1378 bytes.it may be diffrent on other systems. ns = "\xeb\x15\x90\x90" sh...

SuSE 11 Security Update : (SAT Patch Number 1065)

The previous security update for ImageMagick broke 'convert' in some cases. This update fixes this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright C...

SuSE9 Security Update : perl-Convert-UUlib (YOU Patch Number 10044)

This update fixes a buffer overflow that could allow an attacker to execute arbitrary code. CVE-2005-1349 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid41071;...