UBUNTU-CVE-2015-4521

The ConvertDialogOptions function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other impact via unknown vectors...

MASM32 11R - Crash (PoC)

EXPLOIT TITLE: Masm32v11r Buffer OverflowSEH overwrite crash POC AUTHOR: VIKRAMADITYA "-OPTIMUS" Date of Testing: 22nd September 2015 Download Link : http://www.masm32.com/masmdl.htm Tested On : Windows 10 Steps to Crash :- Step 1: Execute this python script Step 2: This script will create a file...

Pdf Shaper Buffer Overflow

This module requires Metabuffer: http://metabuffer.com/download Current source: https://github.com/rapid7/metabuffer-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank definition: http://dev.metabuffer.com/redmine/projects/framework/wiki/ExploitRanking...

PDF Shaper 3.5 - Local Buffer Overflow (Metasploit)

PDF Shaper 3.5 - Local Buffer Overflow Metasploit This module requires Metabuffer: http://metabuffer.com/download Current source: https://github.com/rapid7/metabuffer-framework require 'msf/core' class Metasploit3 'PDF Shaper Buffer Overflow', 'Description' = %q PDF Shaper is prone to a security...

PDF Shaper 3.5 - Local Buffer Overflow (Metasploit)

This module requires Metabuffer: http://metabuffer.com/download Current source: https://github.com/rapid7/metabuffer-framework require 'msf/core' class Metasploit3 'PDF Shaper Buffer Overflow', 'Description' = %q PDF Shaper is prone to a security vulnerability when processing PDF files. The...

PDF Shaper Buffer Overflow

This module requires Metabuffer: http://metabuffer.com/download Current source: https://github.com/rapid7/metabuffer-framework require 'msf/core' class Metasploit3 'PDF Shaper Buffer Overflow', 'Description' = %q PDF Shaper is prone to a security vulnerability when processing PDF files. The...

imagemagick: denial of service

Converting some specially crafted jpeg with convert could lead to a dos...

Zomorrod Cms SQL Injection Vulnerability

No description provided by source. Securitylab.ir Application Info: Name: Zomorrod Cms Vendor: http://www.zomorrod.net Vulnerability: http://site.ir/topic.php?SITEitem=54'+and+convertint,@@version='54 Discoverd By: Pouya Daneshmand Website: http://securitylab.ir Contacts: infoatsecuritylab.ir &...

Convert-UUlib 1.04/1.05 Perl Module Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13401/info Convert-UUlib Perl module is prone to a remotely exploitable buffer-overflow vulnerability. A remote attacker may leverage this condition to overwrite sensitive program control variables and thus gain control o...

CVE-2013-5583

Cross-site scripting XSS vulnerability in libraries/idnaconvert/example.php in Joomla! 3.1.5 allows remote attackers to inject arbitrary web script or HTML via the lang parameter...

Discuz! x3.1 /utility/convert/index.php 代码执行漏洞

No description provided by source...

Discuz! X latest Getshell vulnerabilities EXp(comes with the plug-in)-bug warning-the black bar safety net

dz0day published In fact, we're knife inside has been playing the scrap -. - By worship under the maniac a large cattle... === Looking at before we begin to be like the clouds submitted to the author of the tribute, because it is He that title only makes us sharp knives team to research out, of...

Fedora Update for xdialog FEDORA-2013-22697

Check for the Version of xdialog OpenVAS Vulnerability Test Fedora Update for xdialog FEDORA-2013-22697 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

discuz!某自带工具可拿shell

简要描述： discuz!某自带工具，由于使用不当，可以造成webshell。 而且经过调查，使用者数量较大。 详细说明： discuz! 安装包中会自带一个转换工具 convert 这个工具由于存在安全问题，可以拿shell 一般存在网站目录 convert 或 utility/convert 而且经过调查，使用数量还是很大的。 使用前题是data目录可写，这也是这个工具的使用前题。 分析： 文件： utility\convert\include\doconfig.inc.php 中 保存配置，跟踪到saveconfigfile...

HackerOne: PNG compression DoS

ztxt: http://www.libpng.org/pub/png/spec/1.1/PNG-Chunks.htmlC.zTXt "zTXT Documentation" tech: http://www.zlib.net/zlibtech.html "zlib technical details" zlibvuln1: http://www.kb.cert.org/vuls/id/680620 zlibvuln2: http://www.kb.cert.org/vuls/id/238678 PNG compression DoS ---------------------...

PT-2013-1367 · Perl +6 · Convert::Asn1 +6

Name of the Vulnerable Software and Affected Versions: perl-Convert-ASN1 versions 0.27 and earlier Description: The issue is related to the Convert::ASN1 module for Perl, which can lead to an infinite loop when encountering unexpected input. This can be exploited by a remote attacker to cause a...

PHP IDNA Convert 0.8.0 Cross Site Scripting Vulnerability

Cross-site scripting XSS vulnerability in parameters encoded/decoded in the class PHP IDNA Convert allows remote attackers to inject arbitrary web script or HTML. PHP IDNA Convert Cross-site scripting XSS Vendor product description PHP NetIDNA is a class to convert between the Punycode and Unicod...

[IBliss Security Advisory] Cross-site scripting ( XSS ) in PHP IDNA Convert

PHP IDNA Convert Cross-site scripting XSS Vendor product description PHP NetIDNA is a class to convert between the Punycode and Unicode formats. Punycode is a standard described in RFC 3492 and part of IDNA Internationalizing Domain Names in Applications RFC3490 . This class allows PHP scripts to...

OpenJDK: Wrapper.convert insufficient type checks (Libraries, 8009049)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-1488 a...

OpenJDK: Wrapper.convert insufficient type checks (Libraries, 8009049)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-1488 a...