145 matches found
LanSpy 2.0.1.159 - Buffer Overflow (SEH) (Egghunter)
Exploit Title: LanSpy 2.0.1.159 - Local Buffer Overflow SEH Egghunter Exploit Author: bzyo Date: 12-19-18 Twitter: @bzyo Vulnerable Software: LanSpy 2.0.1.159 Vendor Homepage: https://lizardsystems.com Version: 2.0.1.159 Software Link 1:...
Allok Video Splitter 3.1.12.17 - Denial of Service
Exploit Title: Allok Video Splitter 3.1.1217 Date: 2018-05-09 Exploit Author: Achilles Vendor Homepage: http://www.alloksoft.com/ Vulnerable Software: http://www.alloksoft.com/allokvsplitter.exe Tested on OS: Windows 7 64-bit DE Steps to reproduce: Copy the contents of the file Evil.txt and paste...
Copy-Paste Vulnerability Through LibXML2
Nokogiri is vulnerable to attacks through a copied version of LibXML2 within the codebase. LibXML2 before 2.9.5 is vulnerable to CVE-2017-18258 - the LibXML2 decoder does not limit memory usage for what is required when decoding LZMA files...
OBS Studio 20.1.3 - Local Buffer Overflow
author = ''' Created: ScrR1pTK1dd13 Name: Greg Priest Mail: [email protected] Exploit Title: OBS-Studio-20.1.3 Local Buffer Overflow Zer0Day SEH Based PoC Date: 2018.01.15 Exploit Author: Greg Priest Version: OBS-Studio-20.1.3 Tested on: Windows7 x64 HUN/ENG Enterprise Software...
Microsoft Office Information Disclosure Vulnerability (CNVD-2018-00739)
Microsoft Office is an office software suite of products developed by the American Microsoft Corporation Microsoft. An information disclosure vulnerability exists in Microsoft Office that originates from the program failing to properly enforce copy/paste permissions on DRM-protected emails. An...
CVE-2017-11939
Microsoft Office 2016 Click-to-Run C2R allows an information disclosure vulnerability due to the way Microsoft Office enforces DRM copy/paste permissions, aka "Microsoft Office Information Disclosure Vulnerability"...
Information disclosure
Microsoft Office 2016 Click-to-Run C2R allows an information disclosure vulnerability due to the way Microsoft Office enforces DRM copy/paste permissions, aka "Microsoft Office Information Disclosure Vulnerability"...
CVE-2017-11939
Microsoft Office 2016 Click-to-Run C2R allows an information disclosure vulnerability due to the way Microsoft Office enforces DRM copy/paste permissions, aka "Microsoft Office Information Disclosure Vulnerability"...
CVE-2017-11939
CVE-2017-11939 affects Microsoft Office 2016 (Click-to-Run). The vulnerability is an information-disclosure flaw stemming from DRM copy/paste enforcement, potentially leaking a user’s private data (e.g., private key) from the certificate store or plaintext from DRM-protected emails/drafts. Affect...
Microsoft Office Information Disclosure Vulnerability
An information disclosure vulnerability exists when Microsoft Outlook fails to enforce copy/paste permissions on DRM-protected emails. An attacker who successfully exploited the vulnerability could potentially extract plaintext content from DRM-protected draft emails. The attacker would have to u...
Description of the security update for PowerPoint 2016: September 12, 2017
Description of the security update for PowerPoint 2016: September 12, 2017 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft...
Copy-Paste Vulnerability (CVE) Denial Of Service (DoS)
CryptoppECC contains a copy of the Crypto++ aka cryptopp and libcrypto++ library inside it. The version that it contains is vulnerable to a denial of service DoS attack through the mishandling of the ASN1 encoding. Crypto++ allocates a SecByteBlock of the size that the ASN1 decoder reads as the...
Copy-Paste Vulnerability (CPV) Through Libxslt
nokogiri has a copied version of the libxslt library. The copy that nokogiri includes is vulnerable to the following issues: 1. CVE-2016-1683 - Denial of Service DoS via an out-of-bounds heap memory access. This is caused by libxslt mishandling namespace nodes leading to out-of-bounds heap memory...
Microsoft Office Information Disclosure Vulnerability
An information disclosure vulnerability exists when Microsoft Outlook fails to enforce copy/paste permissions on DRM-protected emails. An attacker who successfully exploited the vulnerability could potentially extract plaintext content from DRM-protected draft emails. The attacker would have to u...
Fedora 20 : nx-libs-3.5.0.29-1.fc20 (2015-3964)
Update to 3.5.0.29 : - further reduction of code size by Mike Gabriel - /.x2go/config/keystrokes.cfg, /etc/x2go/keystrokes.cfg and /etc/nxagent/keystrokes.cfg are now respected thanks to Horst Schirmeier - security fixes for CVE-2011-2895, CVE-2011-4028, CVE-2013-4396, CVE-2013-6462, CVE-2014-020...
Fedora 22 : nx-libs-3.5.0.29-1.fc22 (2015-3953)
Update to 3.5.0.29 : - further reduction of code size by Mike Gabriel - /.x2go/config/keystrokes.cfg, /etc/x2go/keystrokes.cfg and /etc/nxagent/keystrokes.cfg are now respected thanks to Horst Schirmeier - security fixes for CVE-2011-2895, CVE-2011-4028, CVE-2013-4396, CVE-2013-6462, CVE-2014-020...
openSUSE Security Update : libreoffice-34 (openSUSE-SU-2011:1143-1)
LibreOffice 3.4 includes new interesting features and fixes, see http://www.libreoffice.org/download/3-4-new-features-and-fix es/ The update fixes the following security issue : - 704311: libreoffice Lotus Word Pro filter multiple vulnerabilities CVE-2011-2685 - 722075: LibreOffice: Out-of-bounds...
CVE-2013-0926
CVE-2013-0926 affects Google Chrome prior to 26.0.1410.43. The issue arises when copying and pasting active content in an EMBED element, enabling a user‑assisted remote attacker to trigger an unspecified impact on a crafted site. The provided documents do not specify a confirmed impact or a patch...
UBUNTU-CVE-2013-0962
Cross-site scripting XSS vulnerability in WebKit in Apple iOS before 6.1 allows user-assisted remote attackers to inject arbitrary web script or HTML via crafted content that is not properly handled during a copy-and-paste operation...
Information disclosure
Microsoft Internet Explorer 6 through 9 does not properly perform copy-and-paste operations, which allows user-assisted remote attackers to read content from a different 1 domain or 2 zone via a crafted web site, aka "Copy and Paste Information Disclosure Vulnerability."...