434 matches found
Red Hat Automatic Bug Reporting Tool Arbitrary File Write Vulnerability
Red Hat Automatic Bug Reporting Tool ABRT is a set of automated bug detection and reporting tools from Red Hat Red Hat. A security vulnerability exists in the abrt-action-install-debuginfo-to-abrt-cache help program in Red Hat ABRT versions prior to 2.7.1. A local attacker can exploit the...
The vulnerability of the Android operating system, which allows a hacker to increase their privileges
The vulnerability of the libmedia library in the Android operating system is related to deficiencies in access control for files. Exploiting this vulnerability allows a malicious actor to enhance their privileges through a specially created application...
The vulnerability of the Mac OS X operating system allows a hacker to arbitrarily change user passwords.
The vulnerability of the Apple ID OD plugin for the Mac OS X operating system is related to the management of access parameters. Exploiting this vulnerability allows a malicious actor to arbitrarily change user passwords using the created application...
The vulnerability of the Windows operating system allows a hacker to execute arbitrary code in the context of the current user.
The vulnerability of the Windows operating system exists due to improper handling of the event log file. The vulnerability can be exploited by opening the event log file created by the attacker. As a result of exploiting this vulnerability, an attacker who operates remotely can execute arbitrary...
EasyCTF vulnerable to cross-site scripting
Overview EasyCTF is a server side CGI used to score CTF Capture The Flag. EasyCTF contains a cross-site scripting vulnerability CWE-79 that can be leveraged by an attacker created account. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...
Cisco Unified MeetingPlace Web Services Directory Cross-Site Request Forgery Vulnerability
Cisco Unified MeetingPlace conferencing solutions allow organizations to host integrated voice, video, and web conferences. A cross-site request forgery vulnerability exists in the SOAP API endpoint of the web-services directory in Cisco Unified MeetingPlace version 8.6 1.9, which can be exploite...
[SECURITY] [DSA 3046-1] mediawiki security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3046-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso October 05, 2014 http://www.debian.org/security/faq -...
CVE-2014-4618
EMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 P07 allows remote authenticated users to gain privileges via a user-created system object...
Code injection
EMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 P07 allows remote authenticated users to gain privileges via a user-created system object...
CVE-2014-4618
EMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 P07 allows remote authenticated users to gain privileges via a user-created system object...
DirPHP 1.0 - Local File Inclusion
DirPHP 1.0 - Local File Inclusion Exploit Title: DirPHP - version 1.0 Local File Inclusion Google Dork: intext:DirPHP - version 1.0 - Created & Maintained by Stuart Montgomery Date: 7/26/14 Exploit Author: -Chosen- Contact: [email protected] Version: DirPHP - Version 1.0 Tested on: n...
Cross site scripting
Cross-site scripting XSS vulnerability in Gurock TestRail before 3.1.3 allows remote attackers to inject arbitrary web script or HTML via the Created By field in a project activity...
VLC 2.1.2 - (.asf file) Crash PoC
No description provided by source. !/usr/bin/python VLC Media Player up to 2.1.2 DOS POC Integer Division By zero in ASF Demuxer VLC Media Player is prone to DOS utilizing a division by zero error if minimium data packet size is equal to zero. this was tested on windows XP sp3 and affects all...
HTML Email Creator <= 2.1b668 (html) Local SEH Overwrite Exploit
No description provided by source. / :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP YmmMMMM MMM YM Discovered and Exploited by dun HTML Email Creator = 2.1 build 668 html Local SEH Overwrite Exploit Vendor: http://www.html-email.net/...
CoolPlayer 2.19 - (Skin File) Local Buffer Overflow Exploit
No description provided by source. / CoolPlayer 2.19 Skin File Local Buffer Overflow Exploit Advisory: http://www.bmgsec.com.au/advisory/43/ Test box: WinXP Pro SP2 English Code reference is in skin.c, lines 464 - 480 Written and discovered by: r0ut3r writ3r at gmail.com / www.bmgsec.com.au /...
Ofilter Player (skin.ini) Local Crash PoC
No description provided by source. !/usr/bin/perl Exploit Title: Ofilter Player skin.ini Local Crash PoC Author:Vulnerability Discovered By Rehan Ahmed [email protected] Tested On: WinXP SP2 my $boom=\x41 x 5000; my $file=skin1.ini; C:\Program Files\OfilterPlayer\skin open$FILE,$file; print $FILE...
CoolPlayer 2.18 - M3U Playlist Buffer Overflow Exploit
No description provided by source. !/usr/bin/perl Versions affected: 2.18 Tested on: Windows XP Pro SP2 Author: data$hack Usage: expl.pl my $file= exs3.m3u; my $junk= A x 223; my $eip = pack'V',0x7C836940; jmp esp from kernel my $shellcode = \x90 x 10; $shellcode = $shellcode...
GSPlayer 1.83a Win32 Release Buffer Overflow Vulnerability
No description provided by source. Exploit Title: GSPlayer 1.83a Win32 Release Buffer Overflow Vulnerability Date: 2010/11/04 Author: moigai e-mail: [email protected] Software Link: http://www.vector.co.jp/download/file/win95/art/fh296344.html Version: 1.83a Win32 Release Tested on: Windows XP...
yPlay 1.0.76 (.mp3) Local Crash PoC
No description provided by source. !/usr/bin/perl Usage--file created--load file--b00m.mp3 BOOM print \n; print ! yPlay 1.0.76 .mp3 Local Crash PoC\n; print \n; print ! Author: cr4wl3r\n; print ! Mail: cr4wl3r!linuxmail.org\n; print \n; my $boom = A x 1337; my $filename = b00m.mp3; open...
Triologic Media Player 8 (.m3u) Local Universal Unicode Buffer Overflow (SEH)
No description provided by source. Exploit Title: Triologic Media Player 8 .m3u Local Universal Unicode Buffer Overflow SEH Date: August 17, 2010 Author: Glafkos Charalambous glafkos@astalavistadotcom Software Link: http://download.cnet.com/Triologic-Media-Player/3000-21394-10691520.html Version:...