Lucene search
K

33 matches found

Check Point Advisories
Check Point Advisories
added 2019/02/14 12:0 a.m.2 views

Microsoft Windows OLE Obfuscated Automation Array Remote Code Execution (CVE-2014-6332)

A new obfuscation technique of remote code execution vulnerability has been reported in Microsoft Windows Object Linking and Embedding OLE. The vulnerability is due to an improper access to memory objects by Internet Explorer. A remote attacker can exploit this issue by enticing target users to...

9.3CVSS4.2AI score0.94996EPSS
Exploits39
ThreatPost
ThreatPost
added 2018/07/02 6:32 p.m.115 views

ThreatList: Exploit Kits Still a Top Web-based Threat

What we can glean from a 2018 roundup of current web-threats is old vulnerabilities die hard. In a report, released by Palo Alto Networks Unit 42, researchers said so far this year cybercriminals are targeting unpatched PCs with ancient CVEs and well-known exploit kits. Here is a ThreatList from...

10CVSS8.9AI score0.94996EPSS
Exploits54References8
ThreatPost
ThreatPost
added 2017/10/25 8:28 a.m.86 views

Malvertising Campaign Redirects Browsers To Terror Exploit Kit

Security experts are warning some “Quit Smoking” and “20 Minute Fat Loss” ads online are delivering more than sales pitches. According to researchers at Zscaler, ads are redirecting browsers to malicious landing pages hosting the Terror exploit kit. The campaigns have been sustained, with the...

9.3CVSS9.1AI score0.94996EPSS
Exploits49References8
ThreatPost
ThreatPost
added 2017/06/02 2:32 p.m.104 views

EternalBlue Exploit Spreading Gh0st RAT, Nitol

EternalBlue, the exploit used in the WannaCry ransomware outbreak, is now being leveraged to distribute the Nitol backdoor and Gh0st RAT malware. Security researchers at FireEye said, just as WannaCry criminals did, threat actors are leveraging the same Microsoft Server Message Block SMB protocol...

9.3CVSS2AI score0.94996EPSS
Exploits39References6
FireEye
FireEye
added 2017/06/02 9:0 a.m.148 views

Threat actors leverage EternalBlue exploit to deliver non-WannaCry payloads

The “EternalBlue” exploit MS017-010 was initially used by WannaCry ransomware and Adylkuzz cryptocurrency miner. Now more threat actors are leveraging the vulnerability in Microsoft Server Message Block SMB protocol – this time to distribute Backdoor.Nitol and Trojan Gh0st RAT. FireEye Dynamic...

9.3CVSS1.3AI score0.94996EPSS
Exploits39
seebug.org
seebug.org
added 2017/03/06 12:0 a.m.137 views

IE Godmode remote code execution vulnerability, CVE-2014-6332)

No description provided by source. alliedve.htm // alliewin95+ie3-win10+ie11 dve copy by yuange in 2009. cve-2014-6332 exploit https://twitter.com/yuange75 http://hi.baidu.com/yuange1975 // function runmumaa On Error Resume Next set shell=createobject"Shell.Application" shell.ShellExecute...

9.3CVSS8.8AI score0.94996EPSS
Exploits39
FireEye
FireEye
added 2016/04/21 1:45 p.m.315 views

PowerShell used for spreading Trojan.Laziok through Google Docs

Introduction Through our multi-flow detection capability, we recently identified malicious actors spreading Trojan.Laziok malware via Google Docs. We observed that the attackers managed to upload the payload to Google Docs in March 2016. During the brief time it was live, users accessing the...

9.3CVSS0.7AI score0.99966EPSS
Exploits51
FireEye
FireEye
added 2016/03/18 12:30 p.m.39 views

GongDa vs. Korean News

On Jan. 27, we observed visitors to a Korean news site being redirected to the GongDa Exploit Kit EK, potentially exposing them to malware infection. We will be referring to this site as KNS. GongDa is an exploit kit that can compromise vulnerable endpoints by use of exploits, allowing harmful...

9.3CVSS9.7AI score0.94996EPSS
Exploits39References2
FireEye
FireEye
added 2016/03/18 8:30 a.m.127 views

GongDa vs. Korean News

On Jan. 27, we observed visitors to a Korean news site being redirected to the GongDa Exploit Kit EK, potentially exposing them to malware infection. We will be referring to this site as KNS. GongDa is an exploit kit that can compromise vulnerable endpoints by use of exploits, allowing harmful...

9.3CVSS1.3AI score0.94996EPSS
Exploits39
FireEye
FireEye
added 2015/12/09 12:0 p.m.150 views

Cybercrime News Results In Cybercrime Blues

INTRODUCTION FireEye Labs recently spotted a 2011 article on cybercrime from the news site theguardian.com that redirects users to the Angler Exploit Kit. Successful exploitation by Angler resulted in a malware infection for readers of the article. A spokesperson for the guardian.com responded th...

10CVSS0.1AI score0.94996EPSS
Exploits45
seebug.org
seebug.org
added 2015/08/31 12:0 a.m.73 views

IBM Security AppScan Standard <= 9.0.2 - OLE Automation Array Remote Code Execution

IBM Security AppScan Standard OLE Automation Array Remote Code Execution Author: Naser Farhadi Linkedin: http://ir.linkedin.com/pub/naser-farhadi/85/b3b/909 Date: 1 June 2015 Version: = 9.0.2 Tested on: Windows 7 Exploit Based on MS14-064 CVE-2014-6332 http://www.exploit-db.com/exploits/35229/ if...

9.3CVSS9AI score0.94996EPSS
Exploits39
securityvulns
securityvulns
added 2015/08/24 12:0 a.m.375 views

Microsoft HTA &#40;HTML Application&#41; - Remote Code Execution Vulnerability &#40;MS14-064&#41;

Document Title: =============== Microsoft HTA HTML Application - Remote Code Execution Vulnerability MS14-064 References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1576 Video: http://youtu.be/Vkswz7vt23M...

9.3CVSS0.7AI score0.94996EPSS
Exploits39
Packet Storm
Packet Storm
added 2015/08/22 12:0 a.m.73 views

Microsoft HTA (HTML Application) Remote Code Execution

Document Title: =============== Microsoft HTA HTML Application - Remote Code Execution Vulnerability MS14-064 References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1576 Video: http://youtu.be/Vkswz7vt23M...

9.3CVSS8.6AI score0.94996EPSS
Exploits39
Vulnerability Lab
Vulnerability Lab
added 2015/08/14 12:0 a.m.123 views

MS HTA (HTML Application) - Code Execution (MS14-064)

Document Title: =============== MS HTA HTML Application - Code Execution MS14-064 References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1576 Video: http://youtu.be/Vkswz7vt23M http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6332 CVE-ID: =======...

9.3CVSS8.7AI score0.94996EPSS
Exploits39
Packet Storm
Packet Storm
added 2015/06/01 12:0 a.m.84 views

IBM Security AppScan 9.0.2 Remote Code Execution

!/usr/bin/python import BaseHTTPServer, socket IBM Security AppScan Standard OLE Automation Array Remote Code Execution Author: Naser Farhadi Linkedin: http://ir.linkedin.com/pub/naser-farhadi/85/b3b/909 Date: 1 June 2015 Version: function runmumaa On Error Resume Next set...

9.3CVSS0.94996EPSS
Exploits39
Exploit DB
Exploit DB
added 2015/06/01 12:0 a.m.70 views

IBM Security AppScan Standard 9.0.2 - OLE Automation Array Remote Code Execution

!/usr/bin/python import BaseHTTPServer, socket IBM Security AppScan Standard OLE Automation Array Remote Code Execution Author: Naser Farhadi Linkedin: http://ir.linkedin.com/pub/naser-farhadi/85/b3b/909 Date: 1 June 2015 Version: function runmumaa On Error Resume Next set shell=createobject"Shel...

9.3CVSS8.6AI score0.94996EPSS
Exploits39
myhack58
myhack58
added 2014/12/24 12:0 a.m.65 views

Analysis of exploit kits(EXP)family members Archie and Astrum-vulnerability warning-the black bar safety net

Exploit kits(EXP)has been spread crimeware important tool. As the saying goes, know ourselves victorious, as security researchers, we must fully understand and analyze them. This article will introduce two of the latest popular Tools Pack-Archie and Astrum. Archie kit Archie kits in 8 months has...

1.1AI score
Exploits0
0day.today
0day.today
added 2014/12/01 12:0 a.m.124 views

Microsoft Internet Explorer Windows OLE Automation Array Remote Code Execution Exploit

This Metasploit module exploits Windows OLE Automation Array Vulnerability known as CVE-2014-6332. The vulnerability affects Internet Explorer 3.0 until version 11 within Windows95 up to Windows 10. Powershell is required on the target machine. On Internet Explorer versions using Protected Mode,...

9.3CVSS0.94996EPSS
Exploits39
Packet Storm
Packet Storm
added 2014/11/30 12:0 a.m.83 views

Microsoft Internet Explorer Windows OLE Automation Array Remote Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/exploit/powershell' class Metasploit4 HttpClients::IE, :uaminver = "3.0", :uamaxver = "10.0", :javascript = true, :osname =...

9.3CVSS8.6AI score0.94996EPSS
Exploits39
Metasploit
Metasploit
added 2014/11/24 7:25 a.m.77 views

MS14-064 Microsoft Internet Explorer Windows OLE Automation Array Remote Code Execution

This module exploits the Windows OLE Automation array vulnerability, CVE-2014-6332. The vulnerability is known to affect Internet Explorer 3.0 until version 11 within Windows 95 up to Windows 10, and no patch for Windows XP. However, this exploit will only target Windows XP and Windows 7 box due ...

8.8CVSS8.7AI score0.94996EPSS
Exploits39
Rows per page
Query Builder